Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Wifi Slows and Stops


  • This topic is locked This topic is locked
22 replies to this topic

#1 ProjectTrinity

ProjectTrinity

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:04:44 AM

Posted 21 February 2016 - 07:25 AM

Hello!
 
     For the past several months, I've been having this ongoing problem where my internet would slow down to a crawl or outright lose connection. When I start my computer and login, I would have about one or two minutes of regular speed, and then things would start slowing down or outright disconnecting. And it would continue that way until I shut down the computer. Outside of windows explorer crashing almost every session at least once or twice, there's no hijacking attempt, slow computer, or anything else visibly happening to my computer: It's just a poor internet. I can't say I ever did much on this computer other than check mail, watch Youtube, and create music, but I do know the problem came out of the blue and only affects my PC. Every other laptop, mobile, and desktop can enjoy their normal internet speeds just fine. I tried checking my wi-fi adapter for errors, I've tried updating it, I've ran Spybot Search & Destroy, Malwarebytes, Avast, Adwcleaner, RKill, JRT, RogueKiller, but only Adwcleaner found something that I can't seem to get rid of: a "elicpjhcidhpjomhibiffojpinpmmpil" in three places. These can all be found in:
 
"c:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil"
"c:\Users\Me\AppData\Local\Google\Chrome\User Data\Default \Local Extension Settings\elicpjhcidhpjomhibiffojpinpmmpil"
"c:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences\elicpjhcidhpjomhibiffojpinpmmpil"
 
I've also done all of them a second and third time on safe mode. Unfortunately, I do not have any logs from the scans, so if I need to do a new scan on any specific program and copy/paste the results here, I'll do so. Many thanks in advance on any headway you guys can provide!
 
-Windows 7 is the operating system on an HP Desktop.

Edited by Queen-Evie, 03 March 2016 - 11:22 AM.
moved from Am I Infected to MRL


BC AdBot (Login to Remove)

 


#2 rpbtf

rpbtf

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:44 AM

Posted 21 February 2016 - 11:18 AM

Hello,

"elicpjhcidhpjomhibiffojpinpmmpil" is the Chrome extension "Video Downloader professional". Some say it's spyware, others say it's not. You could delete the plugin in Chrome -> Preferences -> Plugins.

Ralf



#3 ProjectTrinity

ProjectTrinity
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:04:44 AM

Posted 21 February 2016 - 06:18 PM

Hello again,

 

I've gotten rid of the extension and did another adwcleaner scan and sure enough, it's all gone now. However, the slow and halting internet is very much still present. 



#4 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:44 AM

Posted 02 March 2016 - 01:26 PM


:welcome: to BleepingComputer.

Hi there,

my name is Jo and I will help you with your computer problems.


Please follow these guidelines:
  • Read and follow the instructions in the sequence they are posted.
  • print or copy & save instructions.
  • back up all your private data / music / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only that tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic til you get the all clean post.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


:step1: Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


:step2: Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
With some infections, you may see two messages boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


:step3: Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    The actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

***


:step4: MiniToolbox by Farbar

Disable your antivirus if it does not allow you to download the tool!
Please download MiniToolBox, save it to your desktop and run it.
Place a checkmark in Select all, then click Go and post the result (MTB.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Copy and paste the contents of that logfile in your next reply.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#5 ProjectTrinity

ProjectTrinity
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:04:44 AM

Posted 03 March 2016 - 01:46 AM

Hello, thank you for responding to my thread! I'll comply to your directions as best as I can.

 

"System Check Log"

 

 

 Results of screen317's Security Check version 1.014 --- 12/23/15  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 WinPatrol 
 MVPS Hosts File  
 Spybot - Search & Destroy 
 Java 8 Update 31  
 Java version 32-bit out of Date! 
 Adobe Flash Player 20.0.0.306  
 Google Chrome (48.0.2564.109) 
 Google Chrome (48.0.2564.116) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 WinPatrol winpatrol.exe 
 Ruiware WinPatrol WinPatrol.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 
 
 
-----
 
"Malewarebytes: Anti-rootkit Log"
 
No Malware Found
 
-------
 
"AdwCleaner Log"
 
NOTE: "Play" is my software used for making music; I intend to keep it.
 

# AdwCleaner v4.111 - Logfile created 02/03/2015 at 06:08:45
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Local]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Johnathan Johnson - PROJECTTRINITY
# Running from : C:\Users\Johnathan Johnson\Desktop\adwcleaner_4.111 (1).exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17631
 
 
-\\ Google Chrome v40.0.2214.115
 
[C:\Users\Johnathan Johnson\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Johnathan Johnson\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Johnathan Johnson\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.netflix.com/WiSearch?raw_query=&ac_category_type=none&ac_rel_posn=-1&ac_abs_posn=-1&v1={searchTerms}&search_submit=
 
*************************
 
AdwCleaner[R0].txt - [2427 bytes] - [27/01/2014 16:06:36]
AdwCleaner[R10].txt - [1903 bytes] - [22/12/2014 13:37:51]
AdwCleaner[R11].txt - [4288 bytes] - [12/01/2015 16:08:06]
AdwCleaner[R12].txt - [1878 bytes] - [26/01/2015 19:16:38]
AdwCleaner[R13].txt - [2482 bytes] - [28/01/2015 12:36:00]
AdwCleaner[R14].txt - [2796 bytes] - [24/02/2015 07:13:04]
AdwCleaner[R15].txt - [2402 bytes] - [01/03/2015 19:46:25]
AdwCleaner[R16].txt - [2920 bytes] - [01/03/2015 19:53:02]
AdwCleaner[R17].txt - [341 bytes] - [02/03/2015 06:00:21]
AdwCleaner[R18].txt - [3105 bytes] - [02/03/2015 06:06:02]
AdwCleaner[R1].txt - [2391 bytes] - [21/06/2014 10:18:28]
AdwCleaner[R2].txt - [2626 bytes] - [10/09/2014 19:42:24]
AdwCleaner[R3].txt - [1087 bytes] - [02/10/2014 09:42:21]
AdwCleaner[R4].txt - [1160 bytes] - [11/10/2014 12:58:37]
AdwCleaner[R5].txt - [1421 bytes] - [19/10/2014 17:06:43]
AdwCleaner[R6].txt - [1888 bytes] - [07/11/2014 12:45:23]
AdwCleaner[R7].txt - [1597 bytes] - [11/11/2014 05:14:18]
AdwCleaner[R8].txt - [1443 bytes] - [11/11/2014 05:30:33]
AdwCleaner[R9].txt - [1804 bytes] - [03/12/2014 18:15:35]
AdwCleaner[S0].txt - [2676 bytes] - [10/09/2014 19:45:25]
AdwCleaner[S10].txt - [2508 bytes] - [02/03/2015 06:08:45]
AdwCleaner[S1].txt - [2030 bytes] - [07/11/2014 13:00:43]
AdwCleaner[S2].txt - [1662 bytes] - [11/11/2014 05:16:30]
AdwCleaner[S3].txt - [1869 bytes] - [03/12/2014 21:30:54]
AdwCleaner[S4].txt - [1968 bytes] - [22/12/2014 13:40:34]
AdwCleaner[S5].txt - [4394 bytes] - [12/01/2015 17:01:06]
AdwCleaner[S6].txt - [2548 bytes] - [28/01/2015 12:47:14]
AdwCleaner[S7].txt - [2864 bytes] - [24/02/2015 07:14:35]
AdwCleaner[S8].txt - [2471 bytes] - [01/03/2015 19:48:03]
AdwCleaner[S9].txt - [2993 bytes] - [01/03/2015 20:08:50]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S10].txt - [3099  bytes] ##########
# AdwCleaner v5.037 - Logfile created 03/03/2016 at 01:30:35
# Updated 28/02/2016 by Xplode
# Database : 2016-03-02.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Johnathan Johnson - PROJECTTRINITY
# Running from : C:\Users\Johnathan Johnson\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
Folder Found : C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
Folder Found : C:\Users\Johnathan Johnson\Documents\Play
 
***** [ Files ] *****
 
 
***** [ DLL ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [1840 bytes] - [20/02/2016 02:09:49]
C:\AdwCleaner\AdwCleaner[C2].txt - [1186 bytes] - [01/03/2016 07:59:36]
C:\AdwCleaner\AdwCleaner[C29].txt - [1392 bytes] - [02/09/2015 18:12:05]
C:\AdwCleaner\AdwCleaner[C30].txt - [1264 bytes] - [12/10/2015 01:10:51]
C:\AdwCleaner\AdwCleaner[C31].txt - [1735 bytes] - [08/01/2016 16:18:29]
C:\AdwCleaner\AdwCleaner[C32].txt - [1368 bytes] - [11/01/2016 04:04:29]
C:\AdwCleaner\AdwCleaner[C34].txt - [4560 bytes] - [21/01/2016 01:04:02]
C:\AdwCleaner\AdwCleaner[C35].txt - [1073 bytes] - [18/02/2016 19:32:37]
C:\AdwCleaner\AdwCleaner[R0].txt - [2427 bytes] - [27/01/2014 19:06:36]
C:\AdwCleaner\AdwCleaner[R1].txt - [2391 bytes] - [21/06/2014 13:18:28]
C:\AdwCleaner\AdwCleaner[R10].txt - [1903 bytes] - [22/12/2014 16:37:51]
C:\AdwCleaner\AdwCleaner[R11].txt - [4288 bytes] - [12/01/2015 19:08:06]
C:\AdwCleaner\AdwCleaner[R12].txt - [1878 bytes] - [26/01/2015 22:16:38]
C:\AdwCleaner\AdwCleaner[R13].txt - [2482 bytes] - [28/01/2015 15:36:00]
C:\AdwCleaner\AdwCleaner[R14].txt - [2796 bytes] - [24/02/2015 10:13:04]
C:\AdwCleaner\AdwCleaner[R15].txt - [2402 bytes] - [01/03/2015 22:46:25]
C:\AdwCleaner\AdwCleaner[R16].txt - [2920 bytes] - [01/03/2015 22:53:02]
C:\AdwCleaner\AdwCleaner[R17].txt - [341 bytes] - [02/03/2015 09:00:21]
C:\AdwCleaner\AdwCleaner[R18].txt - [3105 bytes] - [02/03/2015 09:06:02]
C:\AdwCleaner\AdwCleaner[R19].txt - [2672 bytes] - [02/03/2015 09:18:36]
C:\AdwCleaner\AdwCleaner[R2].txt - [2626 bytes] - [10/09/2014 22:42:24]
C:\AdwCleaner\AdwCleaner[R20].txt - [2732 bytes] - [02/03/2015 09:39:39]
C:\AdwCleaner\AdwCleaner[R21].txt - [2792 bytes] - [02/03/2015 09:55:21]
C:\AdwCleaner\AdwCleaner[R22].txt - [3458 bytes] - [02/03/2015 09:57:54]
C:\AdwCleaner\AdwCleaner[R23].txt - [3518 bytes] - [02/03/2015 10:25:49]
C:\AdwCleaner\AdwCleaner[R24].txt - [352 bytes] - [06/03/2015 09:41:09]
C:\AdwCleaner\AdwCleaner[R25].txt - [352 bytes] - [06/03/2015 09:41:27]
C:\AdwCleaner\AdwCleaner[R26].txt - [3774 bytes] - [06/03/2015 09:48:54]
C:\AdwCleaner\AdwCleaner[R27].txt - [3333 bytes] - [06/03/2015 10:11:53]
C:\AdwCleaner\AdwCleaner[R28].txt - [3355 bytes] - [06/03/2015 10:22:22]
C:\AdwCleaner\AdwCleaner[R29].txt - [3853 bytes] - [11/03/2015 20:27:55]
C:\AdwCleaner\AdwCleaner[R3].txt - [1087 bytes] - [02/10/2014 12:42:21]
C:\AdwCleaner\AdwCleaner[R30].txt - [3578 bytes] - [12/03/2015 00:28:54]
C:\AdwCleaner\AdwCleaner[R31].txt - [3743 bytes] - [12/03/2015 14:04:39]
C:\AdwCleaner\AdwCleaner[R32].txt - [4792 bytes] - [06/04/2015 20:54:25]
C:\AdwCleaner\AdwCleaner[R33].txt - [4785 bytes] - [18/04/2015 20:15:34]
C:\AdwCleaner\AdwCleaner[R34].txt - [4859 bytes] - [24/04/2015 03:31:21]
C:\AdwCleaner\AdwCleaner[R35].txt - [4071 bytes] - [24/04/2015 08:15:22]
C:\AdwCleaner\AdwCleaner[R36].txt - [4754 bytes] - [24/04/2015 11:26:53]
C:\AdwCleaner\AdwCleaner[R37].txt - [4835 bytes] - [24/04/2015 11:49:25]
C:\AdwCleaner\AdwCleaner[R38].txt - [4895 bytes] - [24/04/2015 11:51:10]
C:\AdwCleaner\AdwCleaner[R39].txt - [5054 bytes] - [25/04/2015 03:49:21]
C:\AdwCleaner\AdwCleaner[R4].txt - [1160 bytes] - [11/10/2014 15:58:37]
C:\AdwCleaner\AdwCleaner[R40].txt - [5114 bytes] - [25/04/2015 03:57:22]
C:\AdwCleaner\AdwCleaner[R41].txt - [5479 bytes] - [25/04/2015 04:50:16]
C:\AdwCleaner\AdwCleaner[R42].txt - [5599 bytes] - [25/04/2015 11:38:01]
C:\AdwCleaner\AdwCleaner[R43].txt - [5726 bytes] - [08/05/2015 19:16:03]
C:\AdwCleaner\AdwCleaner[R44].txt - [5775 bytes] - [10/05/2015 01:08:07]
C:\AdwCleaner\AdwCleaner[R45].txt - [5553 bytes] - [10/05/2015 01:35:35]
C:\AdwCleaner\AdwCleaner[R46].txt - [5081 bytes] - [10/05/2015 01:39:48]
C:\AdwCleaner\AdwCleaner[R47].txt - [5141 bytes] - [10/05/2015 01:52:00]
C:\AdwCleaner\AdwCleaner[R48].txt - [5636 bytes] - [02/07/2015 05:53:51]
C:\AdwCleaner\AdwCleaner[R49].txt - [5695 bytes] - [08/07/2015 22:00:53]
C:\AdwCleaner\AdwCleaner[R5].txt - [1421 bytes] - [19/10/2014 20:06:43]
C:\AdwCleaner\AdwCleaner[R50].txt - [5756 bytes] - [20/07/2015 19:17:30]
C:\AdwCleaner\AdwCleaner[R51].txt - [5815 bytes] - [21/07/2015 01:35:43]
C:\AdwCleaner\AdwCleaner[R52].txt - [5844 bytes] - [02/08/2015 22:26:27]
C:\AdwCleaner\AdwCleaner[R53].txt - [5682 bytes] - [09/08/2015 07:43:24]
C:\AdwCleaner\AdwCleaner[R54].txt - [5742 bytes] - [11/08/2015 15:17:22]
C:\AdwCleaner\AdwCleaner[R55].txt - [5802 bytes] - [19/08/2015 01:26:19]
C:\AdwCleaner\AdwCleaner[R56].txt - [5862 bytes] - [25/08/2015 19:52:18]
C:\AdwCleaner\AdwCleaner[R57].txt - [6200 bytes] - [31/08/2015 20:25:43]
C:\AdwCleaner\AdwCleaner[R58].txt - [6320 bytes] - [01/09/2015 23:34:04]
C:\AdwCleaner\AdwCleaner[R6].txt - [1888 bytes] - [07/11/2014 15:45:23]
C:\AdwCleaner\AdwCleaner[R64].txt - [6829 bytes] - [19/01/2016 16:32:43]
C:\AdwCleaner\AdwCleaner[R65].txt - [6743 bytes] - [19/01/2016 17:22:13]
C:\AdwCleaner\AdwCleaner[R66].txt - [13792 bytes] - [20/01/2016 23:29:09]
C:\AdwCleaner\AdwCleaner[R67].txt - [7049 bytes] - [18/02/2016 10:45:59]
C:\AdwCleaner\AdwCleaner[R7].txt - [1597 bytes] - [11/11/2014 08:14:18]
C:\AdwCleaner\AdwCleaner[R70].txt - [7339 bytes] - [22/02/2016 18:22:55]
C:\AdwCleaner\AdwCleaner[R71].txt - [7413 bytes] - [23/02/2016 20:28:08]
C:\AdwCleaner\AdwCleaner[R72].txt - [7474 bytes] - [01/03/2016 07:43:47]
C:\AdwCleaner\AdwCleaner[R8].txt - [1443 bytes] - [11/11/2014 08:30:33]
C:\AdwCleaner\AdwCleaner[R9].txt - [1804 bytes] - [03/12/2014 21:15:35]
C:\AdwCleaner\AdwCleaner[S0].txt - [2676 bytes] - [10/09/2014 22:45:25]
C:\AdwCleaner\AdwCleaner[S1].txt - [3726 bytes] - [07/11/2014 16:00:43]
C:\AdwCleaner\AdwCleaner[S10].txt - [9557 bytes] - [02/03/2015 09:08:45]
C:\AdwCleaner\AdwCleaner[S11].txt - [2861 bytes] - [02/03/2015 09:56:19]
C:\AdwCleaner\AdwCleaner[S12].txt - [3593 bytes] - [02/03/2015 10:26:45]
C:\AdwCleaner\AdwCleaner[S13].txt - [3849 bytes] - [06/03/2015 10:09:29]
C:\AdwCleaner\AdwCleaner[S14].txt - [3402 bytes] - [06/03/2015 10:13:55]
C:\AdwCleaner\AdwCleaner[S15].txt - [3929 bytes] - [11/03/2015 20:30:36]
C:\AdwCleaner\AdwCleaner[S16].txt - [4876 bytes] - [06/04/2015 20:56:48]
C:\AdwCleaner\AdwCleaner[S17].txt - [4867 bytes] - [18/04/2015 20:17:02]
C:\AdwCleaner\AdwCleaner[S18].txt - [4939 bytes] - [24/04/2015 04:10:51]
C:\AdwCleaner\AdwCleaner[S19].txt - [4830 bytes] - [24/04/2015 11:46:41]
C:\AdwCleaner\AdwCleaner[S2].txt - [2935 bytes] - [11/11/2014 08:16:30]
C:\AdwCleaner\AdwCleaner[S20].txt - [4971 bytes] - [24/04/2015 11:52:10]
C:\AdwCleaner\AdwCleaner[S21].txt - [5189 bytes] - [25/04/2015 03:59:12]
C:\AdwCleaner\AdwCleaner[S22].txt - [5228 bytes] - [25/04/2015 05:00:30]
C:\AdwCleaner\AdwCleaner[S23].txt - [5531 bytes] - [25/04/2015 11:39:29]
C:\AdwCleaner\AdwCleaner[S24].txt - [5629 bytes] - [10/05/2015 01:36:21]
C:\AdwCleaner\AdwCleaner[S25].txt - [5918 bytes] - [02/08/2015 22:35:22]
C:\AdwCleaner\AdwCleaner[S26].txt - [6274 bytes] - [31/08/2015 20:27:17]
C:\AdwCleaner\AdwCleaner[S27].txt - [6394 bytes] - [01/09/2015 23:41:09]
C:\AdwCleaner\AdwCleaner[S3].txt - [2716 bytes] - [04/12/2014 00:30:54]
C:\AdwCleaner\AdwCleaner[S32].txt - [6899 bytes] - [19/01/2016 16:37:06]
C:\AdwCleaner\AdwCleaner[S35].txt - [7405 bytes] - [22/02/2016 18:30:03]
C:\AdwCleaner\AdwCleaner[S4].txt - [2814 bytes] - [22/12/2014 16:40:34]
C:\AdwCleaner\AdwCleaner[S5].txt - [5241 bytes] - [12/01/2015 20:01:06]
C:\AdwCleaner\AdwCleaner[S6].txt - [3382 bytes] - [28/01/2015 15:47:14]
C:\AdwCleaner\AdwCleaner[S60].txt - [1294 bytes] - [02/09/2015 18:09:42]
C:\AdwCleaner\AdwCleaner[S61].txt - [1173 bytes] - [04/09/2015 00:06:34]
C:\AdwCleaner\AdwCleaner[S62].txt - [1172 bytes] - [12/10/2015 00:44:45]
C:\AdwCleaner\AdwCleaner[S63].txt - [1597 bytes] - [08/01/2016 16:15:26]
C:\AdwCleaner\AdwCleaner[S64].txt - [1248 bytes] - [11/01/2016 03:35:13]
C:\AdwCleaner\AdwCleaner[S68].txt - [1587 bytes] - [21/01/2016 00:57:22]
C:\AdwCleaner\AdwCleaner[S69].txt - [4248 bytes] - [21/01/2016 01:00:16]
C:\AdwCleaner\AdwCleaner[S7].txt - [2864 bytes] - [24/02/2015 10:14:35]
C:\AdwCleaner\AdwCleaner[S70].txt - [965 bytes] - [18/02/2016 19:12:58]
C:\AdwCleaner\AdwCleaner[S8].txt - [3543 bytes] - [01/03/2015 22:48:03]
C:\AdwCleaner\AdwCleaner[S9].txt - [12112 bytes] - [01/03/2015 23:08:50]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S10].txt - [12213 bytes] ##########
 
---
 
"MiniToolBox Log"
 

MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by Johnathan Johnson (administrator) on 03-03-2016 at 01:38:33
Running from "C:\Users\Johnathan Johnson\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Model: h8-1260t Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
127.0.0.1       localhost127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
 
There are 15461 entries.
 
========================= IP Configuration: ================================
 
Broadcom BCM943228HMB 802.11abgn 2x2 Wi-Fi Adapter = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Hardware not present)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Hardware not present)
Broadcom Virtual Wireless Adapter = Local Area Connection 2 (Hardware not present)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : ProjectTrinity
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.ga.comcast.net.
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 9C-B7-0D-66-A5-53
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : hsd1.ga.comcast.net.
   Description . . . . . . . . . . . : Broadcom BCM943228HMB 802.11abgn 2x2 Wi-Fi Adapter
   Physical Address. . . . . . . . . : 9C-B7-0D-66-A5-53
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:cc:4103:71e0:906f:299e:3742:1efe(Preferred) 
   Temporary IPv6 Address. . . . . . : 2601:cc:4103:71e0:42e:c1b1:e997:75b4(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::906f:299e:3742:1efe%14(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.0.0.9(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, March 02, 2016 2:47:32 PM
   Lease Expires . . . . . . . . . . : Wednesday, March 09, 2016 2:47:43 PM
   Default Gateway . . . . . . . . . : fe80::200:caff:fe11:2233%14
                                       10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 261928717
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-66-98-78-E8-40-F2-57-BD-7B
   DNS Servers . . . . . . . . . . . : 2001:558:feed::1
                                       2001:558:feed::2
                                       75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{E976788D-0861-4A72-99BB-11804FC3023D}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 9:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.hsd1.ga.comcast.net.:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.ga.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  cdns01.comcast.net
Address:  2001:558:feed::1
 
Name:    google.com
Addresses:  2607:f8b0:4002:c06::71
 74.125.196.113
 74.125.196.102
 74.125.196.139
 74.125.196.138
 74.125.196.101
 74.125.196.100
 
 
Pinging google.com [2607:f8b0:4000:806::200e] with 32 bytes of data:
Reply from 2607:f8b0:4000:806::200e: time=53ms 
Reply from 2607:f8b0:4000:806::200e: time=32ms 
 
Ping statistics for 2607:f8b0:4000:806::200e:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 32ms, Maximum = 53ms, Average = 42ms
Server:  cdns01.comcast.net
Address:  2001:558:feed::1
 
Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
 2001:4998:58:c02::a9
 2001:4998:44:204::a7
 98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [2001:4998:58:c02::a9] with 32 bytes of data:
Reply from 2001:4998:58:c02::a9: time=45ms 
Reply from 2001:4998:58:c02::a9: time=44ms 
 
Ping statistics for 2001:4998:58:c02::a9:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 44ms, Maximum = 45ms, Average = 44ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 18...9c b7 0d 66 a5 53 ......Microsoft Virtual WiFi Miniport Adapter
 14...9c b7 0d 66 a5 53 ......Broadcom BCM943228HMB 802.11abgn 2x2 Wi-Fi Adapter
  1...........................Software Loopback Interface 1
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 12...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
 32...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1         10.0.0.9     25
         10.0.0.0    255.255.255.0         On-link          10.0.0.9    281
         10.0.0.9  255.255.255.255         On-link          10.0.0.9    281
       10.0.0.255  255.255.255.255         On-link          10.0.0.9    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link          10.0.0.9    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link          10.0.0.9    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 14    281 ::/0                     fe80::200:caff:fe11:2233
  1    306 ::1/128                  On-link
 14     33 2601:cc:4103:71e0::/64   On-link
 14    281 2601:cc:4103:71e0:42e:c1b1:e997:75b4/128
                                    On-link
 14    281 2601:cc:4103:71e0:906f:299e:3742:1efe/128
                                    On-link
 14    281 fe80::/64                On-link
 14    281 fe80::906f:299e:3742:1efe/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (03/02/2016 02:32:42 PM) (Source: Application Hang) (User: )
Description: The program Skype.exe version 7.18.0.111 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 13ac
 
Start Time: 01d174a0057c7cbc
 
Termination Time: 10
 
Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe
 
Report Id: 82843a70-e0ad-11e5-883c-ab6414a8a096
 
Error: (03/01/2016 11:15:03 PM) (Source: Application Hang) (User: )
Description: The program FL.exe version 1.1.6.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 6af8
 
Start Time: 01d17439e78d005f
 
Termination Time: 9
 
Application Path: C:\Program Files (x86)\Image-Line\FL Studio 12\FL.exe
 
Report Id: 4ff345e1-e02d-11e5-9565-f948e5f38d97
 
Error: (03/01/2016 11:12:46 PM) (Source: Application Hang) (User: )
Description: The program FL.exe version 1.1.6.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: d264
 
Start Time: 01d1743960bd71eb
 
Termination Time: 9
 
Application Path: C:\Program Files (x86)\Image-Line\FL Studio 12\FL.exe
 
Report Id: 0299b9b0-e02d-11e5-9565-f948e5f38d97
 
Error: (03/01/2016 11:09:47 PM) (Source: Application Hang) (User: )
Description: The program FL.exe version 1.1.6.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 2b94
 
Start Time: 01d174393f2e8f80
 
Termination Time: 6
 
Application Path: C:\Program Files (x86)\Image-Line\FL Studio 12\FL.exe
 
Report Id: 9320a1b6-e02c-11e5-9565-f948e5f38d97
 
Error: (03/01/2016 11:08:54 PM) (Source: Application Hang) (User: )
Description: The program FL64.exe version 1.1.5.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 37a0
 
Start Time: 01d17419d3194c66
 
Termination Time: 17
 
Application Path: C:\Program Files (x86)\Image-Line\FL Studio 11\FL64.exe
 
Report Id:
 
Error: (03/01/2016 08:07:42 AM) (Source: PerfNet) (User: )
Description: 
 
Error: (03/01/2016 08:01:42 AM) (Source: PerfNet) (User: )
Description: 
 
Error: (03/01/2016 07:59:41 AM) (Source: PerfNet) (User: )
Description: 
 
Error: (03/01/2016 07:45:32 AM) (Source: Software Protection Platform Service) (User: )
Description: The Software Protection service failed to start. 0x80070002
6.1.7601.17514
 
Error: (03/01/2016 07:44:35 AM) (Source: Software Protection Platform Service) (User: )
Description: The Software Protection service failed to start. 0x80070002
6.1.7601.17514
 
 
System errors:
=============
Error: (03/01/2016 07:59:36 AM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Run the configured recovery program.
 
Error: (03/01/2016 07:56:31 AM) (Source: DCOM) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}
 
Error: (03/01/2016 07:56:31 AM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}
 
Error: (03/01/2016 07:55:42 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (03/01/2016 07:55:42 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (03/01/2016 07:55:40 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: 
%%1068
 
Error: (03/01/2016 07:55:34 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\System32\bcmihvsrv64.dll
Error Code: 21
 
Error: (03/01/2016 07:55:34 AM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (03/01/2016 07:55:34 AM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (03/01/2016 07:55:32 AM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}
 
 
Microsoft Office Sessions:
=========================
Error: (03/02/2016 02:32:42 PM) (Source: Application Hang)(User: )
Description: Skype.exe7.18.0.11113ac01d174a0057c7cbc10C:\Program Files (x86)\Skype\Phone\Skype.exe82843a70-e0ad-11e5-883c-ab6414a8a096
 
Error: (03/01/2016 11:15:03 PM) (Source: Application Hang)(User: )
Description: FL.exe1.1.6.06af801d17439e78d005f9C:\Program Files (x86)\Image-Line\FL Studio 12\FL.exe4ff345e1-e02d-11e5-9565-f948e5f38d97
 
Error: (03/01/2016 11:12:46 PM) (Source: Application Hang)(User: )
Description: FL.exe1.1.6.0d26401d1743960bd71eb9C:\Program Files (x86)\Image-Line\FL Studio 12\FL.exe0299b9b0-e02d-11e5-9565-f948e5f38d97
 
Error: (03/01/2016 11:09:47 PM) (Source: Application Hang)(User: )
Description: FL.exe1.1.6.02b9401d174393f2e8f806C:\Program Files (x86)\Image-Line\FL Studio 12\FL.exe9320a1b6-e02c-11e5-9565-f948e5f38d97
 
Error: (03/01/2016 11:08:54 PM) (Source: Application Hang)(User: )
Description: FL64.exe1.1.5.037a001d17419d3194c6617C:\Program Files (x86)\Image-Line\FL Studio 11\FL64.exe
 
Error: (03/01/2016 08:07:42 AM) (Source: PerfNet)(User: )
Description: 
 
Error: (03/01/2016 08:01:42 AM) (Source: PerfNet)(User: )
Description: 
 
Error: (03/01/2016 07:59:41 AM) (Source: PerfNet)(User: )
Description: 
 
Error: (03/01/2016 07:45:32 AM) (Source: Software Protection Platform Service)(User: )
Description: 0x800700026.1.7601.17514
 
Error: (03/01/2016 07:44:35 AM) (Source: Software Protection Platform Service)(User: )
Description: 0x800700026.1.7601.17514
 
 
CodeIntegrity Errors:
===================================
  Date: 2016-02-20 01:53:22.545
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-02-20 01:53:22.498
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-02-20 01:53:22.451
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-02-20 01:53:22.404
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-04-25 05:24:35.186
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-04-25 05:24:35.140
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-04-25 05:24:35.108
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-04-25 05:24:35.062
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-03-02 10:07:42.387
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-03-02 10:07:42.325
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
[PS3] Save Resigner (HKLM-x32\...\[PS3] Save Resigner 2.0.2) (Version: 2.0.2 - The Prince of Codes)
[PS3] Save Resigner (HKLM-x32\...\{96CF2F0B-EBB0-4D7F-852F-C54A30C8E5CF}) (Version: 2.0.2 - The Prince of Codes) Hidden
3DMark Vantage (HKLM-x32\...\{C40C3C3D-97CF-44B5-836C-766E374464B3}) (Version: 1.1.3 - Futuremark)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0.3.0 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amazon Music (HKCU\...\Amazon Amazon Music) (Version: 3.9.5.820 - Amazon Services LLC)
ANT Drivers Installer x64 (HKLM\...\{CC7132C7-8532-4EA7-8E3F-53260C0BE168}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - Dylan Fitterer)
Autodesk 3ds Max 2014 (HKLM\...\{52B37EC7-D836-0409-0064-3C24BCED2010}) (Version: 16.5.277.0 - Autodesk) Hidden
Autodesk 3ds Max 2014 (HKLM\...\Autodesk 3ds Max 2014) (Version: 16.5.277.0 - Autodesk)
Autodesk 3ds Max 2014 64-bit Populate Data (HKLM\...\{7491836B-659E-47DD-ABBF-F875AD48FD10}) (Version: 1.0.0.1 - Autodesk)
Autodesk 3ds Max 2014 SP2 (HKLM\...\Autodesk 3ds Max 2014 HF1) (Version: 16.2.475.0 - Autodesk) Hidden
Autodesk 3ds Max 2014 SP5 (HKLM\...\Autodesk 3ds Max 2014 SP4) (Version: 16.5.277.0 - Autodesk)
Autodesk 3ds Max 2016 (HKLM\...\{52B37EC7-D836-0410-0464-3C24BCED2010}) (Version: 18.0.873.0 - Autodesk) Hidden
Autodesk 3ds Max 2016 (HKLM\...\Autodesk 3ds Max 2016) (Version: 18.0.873.0 - Autodesk)
Autodesk 3ds Max 2016 Evolver High Res (HKLM\...\{3D13E65E-256C-4042-89C4-BAE71F06A16D}) (Version: 18.0.0.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.19 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk)
Autodesk Backburner 2016 (HKLM-x32\...\{8C5F38D2-9EFE-49A4-B3F5-BF3210FED168}) (Version: 16.0.0.0 - Autodesk)
Autodesk Civil View for 3ds Max 2016 64-bit (HKLM\...\{1C4FFAF0-6DBB-4F7A-A386-46747D060826}) (Version: 18.0.0.0 - Autodesk)
Autodesk Composite 2014 (HKLM\...\{5AAB972C-FF31-4B01-8445-50C42860EC02}) (Version: 9.0.0.0 - Autodesk) Hidden
Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)
Autodesk DirectConnect 2014 64-bit (HKLM\...\{8FC7C2B2-0F64-4B35-AA3D-2B051D009243}) (Version: 8.0.56.1 - Autodesk) Hidden
Autodesk DirectConnect 2014 64-bit (HKLM\...\Autodesk DirectConnect 2014 64-bit) (Version: 8.0.56.1 - Autodesk)
Autodesk Essential Skills Movies for 3ds Max 2014 64-bit (HKLM\...\{E8814D63-BB76-4C89-A25E-264ECF11D00D}) (Version: 1.2.0.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2014 64-bit (HKLM\...\{009751C6-22D7-4548-A313-AD48FA57076F}) (Version: 16.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2016 (HKLM\...\{9167CA34-4E58-49E3-8892-3C439739D2D3}) (Version: 18.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2014 (HKLM-x32\...\{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2016 (HKLM-x32\...\{415A5A54-325E-4815-9940-62A889CA3877}) (Version: 6.3.0.19 - Autodesk)
Autodesk Revit Interoperability for 3ds Max  (HKLM\...\{0BB716E0-1600-0610-0000-097DC2F354DF}) (Version: 16.0.394.0 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max  (HKLM\...\Autodesk Revit Interoperability for 3ds Max ) (Version: 16.0.394.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2014 (HKLM\...\{0BB716E0-1400-0610-0000-097DC2F354DF}) (Version: 13.02.15161 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max 2014 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2014) (Version: 13.02.15161 - Autodesk)
Bastion (HKLM-x32\...\Steam App 107100) (Version:  - Supergiant Games)
Bejeweled 3 (HKLM-x32\...\WTA-29ed797a-5f9b-4e55-b68f-2343c21a1ab9) (Version: 2.2.0.97 - WildTangent) Hidden
Belkin USB Wireless Adapter (HKLM-x32\...\{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.13 - Belkin) Hidden
Belkin USB Wireless Adapter (HKLM-x32\...\InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.13 - Belkin)
Black Desert Character Creator (HKLM-x32\...\{83AC6E37-6497-4A01-BB5D-AA845BA08832}) (Version: 1.0.0.2 - Daum Games EU)
Blackhawk Striker 2 (HKLM-x32\...\WTA-91c097fd-acd3-4db5-bd80-c27654053042) (Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth by hp (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.1200 - Broadcom Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brilliant Shadows - Part One of the Book of Gray Magic (HKLM-x32\...\Steam App 409920) (Version:  - Ithaqua Labs)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version:  - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version:  - Broadcom Corporation)
Brothers - A Tale of Two Sons (HKLM-x32\...\Steam App 225080) (Version:  - Starbreeze Studios AB)
Bubble Wrap (HKLM-x32\...\{5BFFDDEB-AFD7-499F-BB13-7A6EAD927CDA}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Chuzzle Deluxe (HKLM-x32\...\WTA-9647b1ab-6419-4017-beb5-07f4f3997c34) (Version: 2.2.0.95 - WildTangent) Hidden
ComiPo! Trial Edition (English Version) (HKLM-x32\...\ComiPoEngTrial) (Version: 1.00 - Web Technology Corp.)
Connect (HKLM-x32\...\Connect 2.2.2) (Version: 2.2.2 - Continuata)
Construct 2 r184 (HKLM\...\Construct 2_is1) (Version: 1.0.184.0 - Scirra)
Cradle of Rome 2 (HKLM-x32\...\WTA-898b167e-b4db-472d-96cd-975c6802e3f9) (Version: 2.2.0.98 - WildTangent) Hidden
CyberLink Media Suite Premium (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.4505 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5511 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DebugMode PluginPac (remove only) (HKLM-x32\...\PluginPac) (Version:  - )
DebugMode Wax 2.0 (HKLM-x32\...\DebugMode Wax 2.0) (Version:  - )
DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
Dora's World Adventure (HKLM-x32\...\WTA-60393a5c-4fc6-485f-af9b-2045b9fdbf4f) (Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
Elements 9 Organizer (HKLM-x32\...\{433EACD8-4747-4A6A-826A-FFA9F39B0D40}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (HKLM-x32\...\{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Elevated Installer (HKLM-x32\...\{4694981D-8031-4526-90BE-E5F7FB80CBB8}) (Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
E-License Manager (HKLM-x32\...\E-License Manager) (Version: 1.3.0.0 - Best Service)
Engine 2 (HKLM-x32\...\Engine 2) (Version: 2.3.0.25 - Best Service)
Epic Games Launcher (HKLM\...\{8727C279-A122-40B8-8ACA-271E1809DAA5}) (Version: 1.1.23.0 - Epic Games, Inc.)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
EW Installation Center (HKLM-x32\...\{EW Installation Center}}_is1) (Version: 1.1.5 - EastWest Sounds, Inc.)
EWQL Hollywood Strings Gold (HKLM\...\{51E88FBA-188D-402A-AC9E-4B36AEE2573C}) (Version: 2.1.2 - EastWest Sounds, Inc.)
f.lux (HKCU\...\Flux) (Version:  - )
Farm Frenzy (HKLM-x32\...\WTA-c15173c4-32d3-44b7-8048-a52405321895) (Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (HKLM-x32\...\WTA-4206fd56-922c-4191-bc22-76445e32458b) (Version: 2.2.0.98 - WildTangent) Hidden
FATE (HKLM-x32\...\WTA-f0f34076-cfae-4475-b4e2-799e0d355860) (Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (HKLM-x32\...\WTA-ec47ee05-8dd2-4b54-8dab-454d0a9e391d) (Version: 2.2.0.95 - WildTangent) Hidden
Firebird v2.1 (HKLM-x32\...\Tone2 Firebird_is1) (Version:  - Tone2)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Focusrite USB 2.0 Audio Driver 2.5.1 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.5.1 - Focusrite Audio Engineering Limited.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Freemake Video Converter version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Futuremark SystemInfo (HKLM-x32\...\{032DC00A-51D1-4D28-BFB7-1D0E85291E11}) (Version: 4.25.366 - Futuremark)
GameSalad Creator (HKLM-x32\...\{42C1A82C-0F7D-4B3E-AEA5-2BD75A5DF390}) (Version: 0.10.4.1 - GameSalad)
Garmin Express (HKLM-x32\...\{714dc1e5-69a4-4ecd-9552-93397e084298}) (Version: 3.2.29.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{A92D383B-FD85-4B9C-A5D9-3647C71E48A1}) (Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{D52EDFA2-13A7-4765-8650-4AB30E6DB77F}) (Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Drive (HKLM-x32\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.165 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (HKLM-x32\...\WTA-1fda2ad4-9981-4f5b-a739-fa71ec7b27cb) (Version: 2.2.0.95 - WildTangent) Hidden
HP Application Assistant (HKLM\...\{B34A07DD-C6F7-414A-AE63-01019482EAF0}) (Version: 1.0.393.3870 - Hewlett-Packard)
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Clock (HKLM-x32\...\{0EEC4E49-D4C2-4E23-87F2-B5641F1A09E4}) (Version: 5.1.4244.16367 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP LinkUp (HKLM-x32\...\{7E750542-55BC-4300-8B7B-AC2A762FB435}) (Version: 2.01.029 - Hewlett-Packard)
HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard)
HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 5.0.0.3 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP RSS (HKLM-x32\...\{A35E58D6-2A0F-4051-983B-79342081338E}) (Version: 5.1.4301.21494 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15130.3904 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.15145.3905 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP TouchSmart Background - Beats (HKLM-x32\...\{6A6F8D36-04BA-41E9-9004-1789BD545874}) (Version: 1.0.1.0 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.1.0 - Hewlett-Packard)
HP Weather (HKLM-x32\...\{8364E531-493B-4B05-8041-09D5CE38B975}) (Version: 5.1.4295.16450 - Hewlett-Packard)
HydraVision (HKLM-x32\...\{91F640DC-EB0C-419B-E8EC-543E65188352}) (Version: 4.2.220.0 - Advanced Micro Devices, Inc.) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6349.0 - IDT)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Intel® Identity Protection Technology 1.2.22.0 (HKLM-x32\...\{387B63A5-5016-1015-B06B-A9A1030E3125}) (Version: 1.2.22.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.)
iZotope Vinyl (HKLM-x32\...\iZotope Vinyl_is1) (Version: 1.61 - iZotope, Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-0d4d6059-f853-413d-b690-a33ea7897ca3) (Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (HKLM-x32\...\WTA-3bbb5608-1b53-4ded-8f27-19ae18166027) (Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-a0f3fce7-0768-42e9-a688-f44241b39fd3) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kentucky Route Zero (HKLM-x32\...\Steam App 231200) (Version:  - Cardboard Computer)
Kobo (HKLM-x32\...\Kobo) (Version: 2.0.3 - Kobo Inc.)
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Letters from Nowhere 2 (HKLM-x32\...\WTA-eb4b3884-7ef1-4302-acd5-f896747becfc) (Version: 2.2.0.97 - WildTangent) Hidden
LilyPond (HKLM-x32\...\LilyPond) (Version:  - )
Live2D Cubism 2.0.01 (HKLM-x32\...\Live2D Cubism) (Version: 2.0.01 - Live2D Inc.)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Luxor HD (HKLM-x32\...\WTA-95c7a4e0-fdae-4c6d-a0e4-c1460d9b9cd4) (Version: 2.2.0.98 - WildTangent) Hidden
MAGIX Independence Libraries Common Files (HKLM\...\{34563DEE-79CD-4E2B-B41B-41A81B8188F0}) (Version: 3.2.0.0 - MAGIX AG) Hidden
MAGIX Independence Libraries Common Files (HKLM\...\MX.{34563DEE-79CD-4E2B-B41B-41A81B8188F0}) (Version: 3.2.0.0 - MAGIX AG)
MAGIX Independence Pro 3.2 VST-Plugins (HKLM\...\{CE4E2B9B-9D8C-4857-8BD5-230CE6E24A3B}) (Version: 3.2.0.0 - MAGIX AG) Hidden
MAGIX Independence Pro 3.2 VST-Plugins (HKLM\...\MX.{CE4E2B9B-9D8C-4857-8BD5-230CE6E24A3B}) (Version: 3.2.0.0 - MAGIX AG)
MAGIX Independence Pro Software Suite 3.2 (HKLM\...\{12FBE83D-482B-4D82-BAC7-665B7DD79DB2}) (Version: 3.2.0.91 - MAGIX AG) Hidden
MAGIX Independence Pro Software Suite 3.2 (HKLM-x32\...\MX.{12FBE83D-482B-4D82-BAC7-665B7DD79DB2}) (Version: 3.2.0.91 - MAGIX AG)
Mah Jong Medley (HKLM-x32\...\WTA-cae16b43-7351-463e-8867-b9aac8fb5a6d) (Version: 2.2.0.95 - WildTangent) Hidden
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Converter (HKLM-x32\...\{D0661463-50F7-4A1E-83CB-37CC590589AE}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Movie Studio Platinum 13.0 (64-bit) (HKLM\...\{2A6118E1-2BF0-11E5-8A11-F04DA23A5C58}) (Version: 13.0.955 - Sony)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mumble 1.2.10 (HKLM-x32\...\{63243F5C-E941-4461-A4B0-2689A9A3BF13}) (Version: 1.2.10 - Thorvald Natvig)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.7.4.199 - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.0.2770 - Native Instruments)
Native Instruments Guitar Rig Mobile IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Mobile IO Driver) (Version:  - Native Instruments)
Native Instruments Guitar Rig Session IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Session IO Driver) (Version:  - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.4.2.245 - Native Instruments)
Native Instruments Kontakt Factory Library (HKLM-x32\...\Native Instruments Kontakt Factory Library) (Version: 1.1.0.6 - Native Instruments)
Native Instruments Maschine Mikro MK2 Driver (HKLM-x32\...\Native Instruments Maschine Mikro MK2 Driver) (Version:  - Native Instruments)
Native Instruments Replika (HKLM-x32\...\Native Instruments Replika) (Version: 1.2.0.699 - Native Instruments)
Native Instruments Rig Kontrol 3 Driver (HKLM-x32\...\Native Instruments Rig Kontrol 3 Driver) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Neat Image v7.6.0 Demo Standalone (HKLM\...\Neat Image Standalone_is1) (Version:  - Neat Image team, ABSoft)
Neat Video v3.6.0 Demo plug-in for Sony Vegas (64-bit) (HKLM\...\Neat Video for Sony Vegas_is1) (Version:  - Neat Video team, ABSoft)
Nidhogg (HKLM-x32\...\Steam App 94400) (Version:  - Messhof)
null (HKLM-x32\...\MonsterMaker) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
PACE License Support Win64 (HKLM\...\{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.7.0852 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.7.0852 - PACE Anti-Piracy, Inc.)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.65 - PDF Complete, Inc)
Penguins! (HKLM-x32\...\WTA-65fd16ad-9cd8-41e9-b0c3-3d0e7570dd91) (Version: 2.2.0.98 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
Pivot Animator version 4.1.10 (HKLM-x32\...\Pivot Animator_is1) (Version: 4.1.10 - Motus Software Ltd)
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-cf609a0a-ad24-460b-a424-588a23b210dd) (Version: 2.2.0.98 - WildTangent) Hidden
PLAY 4.3.2 (HKLM-x32\...\EW PLAY_is1) (Version: 4.3.2 - EastWest Sounds, Inc.)
Play Update 4.1.5 (HKLM\...\{7800ACD2-1553-4B06-81EA-4E3437D839AB}) (Version: 4.1.5 - EastWest Sounds, Inc)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poetic Guitar II (HKLM-x32\...\Poetic Guitar II) (Version: 1.0 - Times Concept)
Poker Superstars III (HKLM-x32\...\WTA-98bb3ffd-0830-4bf4-9ba8-702f40442e5b) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WTA-439cb9de-d38d-4bec-9467-450d40fb3233) (Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WTA-d5832b83-29d3-4eb5-989f-2eb7f9917aed) (Version: 2.2.0.98 - WildTangent) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5706 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5706 - CyberLink Corp.)
PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4730 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4730 - CyberLink Corp.)
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.11.0721.0 -  NewspaperDirect Inc.)
QL Ministry of Rock 2 (HKLM\...\{65FCFCEB-A7D1-4ECF-9831-2FA531F10E26}) (Version: 2.1.1 - EastWest Sounds, Inc.)
QL Spaces 1.1.24 (HKLM-x32\...\EW Spaces_is1) (Version: 1.1.24 - EastWest Sounds, Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.4424 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain)
RGSS-RTP Standard (HKLM-x32\...\RGSS-RTP Standard_is1) (Version: 1.04 - Enterbrain)
RollerCoaster Tycoon 3: Platinum (HKLM-x32\...\WTA-808046bc-83f9-4a2b-b237-9e46f35266fc) (Version: 2.2.0.98 - WildTangent) Hidden
RPG Maker 2003 (HKLM-x32\...\Steam App 362870) (Version:  - Enterbrain)
RPG Maker VX (HKLM-x32\...\RPGVX_E_is1) (Version: 1.03 - Enterbrain)
RPG Maker VX Ace (HKLM-x32\...\RPGVXAce_E_is1) (Version: 1.02 - Enterbrain)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
RPG Maker VX RTP (HKLM-x32\...\RPG Maker VX RTP_is1) (Version: 1.02 - Enterbrain)
RPGXP (HKLM-x32\...\{9B34CAC6-738F-4A20-B428-A115C3E3474C}) (Version: 1.0.0 - Enterbrain)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shairport4w (HKCU\...\Shairport4w) (Version: 1.0.8.6 - Frank Friemel)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.)
Sonic Foundry Preset Manager 1.0 (HKLM-x32\...\{7266C898-F9CB-4122-9452-2AA1DACE245E}) (Version: 1.0.73 - Sonic Foundry)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spot (HKLM-x32\...\{3D171340-B528-42E0-92E4-BDA7AEEF6F32}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
Super Meat Boy Editor (HKLM-x32\...\Steam App 40810) (Version:  - )
Tap Tap Bear (HKLM-x32\...\{A393CDFF-BEB8-48EA-990D-2EB35B311D23}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
The Treasures of Mystery Island: The Ghost Ship (HKLM-x32\...\WTA-b7e9d952-9289-41fc-b1aa-9cc675bfb3a3) (Version: 2.2.0.98 - WildTangent) Hidden
The Vanishing of Ethan Carter (HKLM-x32\...\Steam App 258520) (Version:  - The Astronauts)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD Projekt RED)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Torchlight (HKLM-x32\...\WTA-5dfc6cba-fa4d-4c28-97ad-c5b6cd36c123) (Version: 2.2.0.98 - WildTangent) Hidden
Transistor (HKLM-x32\...\Steam App 237930) (Version:  - Supergiant Games)
TSHostedAppLauncher (HKLM-x32\...\{F89BADB0-D319-470E-8024-443EE3A3402B}) (Version: 5.1.15.0 - Hewlett-Packard) Hidden
Twine 2.0.6 (remove only) (HKLM-x32\...\Twine2) (Version:  - )
TyranoBuilder Visual Novel Studio (HKLM-x32\...\Steam App 345370) (Version:  - STRIKEWORKS)
Unity (HKLM-x32\...\Unity) (Version:  - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
VIP Access SDK (1.0.1.4)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.4 - Symantec Inc.)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-18917abd-b929-49a8-ad09-594a7a82bf4c) (Version: 2.2.0.98 - WildTangent) Hidden
Vovoid VSXu 0.4.2 (HKLM-x32\...\VSXu 0.4.2) (Version: 0.4.2 - Vovoid Media Technologies AB)
V-Ray for 3dsmax 2016 for x64 (HKLM\...\V-Ray for 3dsmax 2016 for x64) (Version: 3.20.02 - Chaos Software Ltd)
Waves Complete V9r23 (HKLM-x32\...\{93000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.3.23 - Waves)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.13 - WildTangent) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Focusrite USB 2.0 Audio Driver (09/25/2013 2.5.128.1) (HKLM\...\CF1FC201D237269A9CD51A3A6B14ADBF67175C32) (Version: 09/25/2013 2.5.128.1 - Focusrite)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.1.2015.0 - Ruiware)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
YUV Player Deluxe (HKLM-x32\...\YUV Player Deluxe) (Version:  - )
Zinio Reader 4 (HKLM-x32\...\{7FB00B6B-6843-97EC-EED6-78BD6D35370A}) (Version: 4.2.4164 - Zinio LLC) Hidden
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zuma's Revenge (HKLM-x32\...\WTA-d4c79e7b-8125-49e7-8a34-a49f799b0797) (Version: 2.2.0.98 - WildTangent) Hidden
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
 
========================= Devices: ================================
 
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_2AB5103C&REV_06\4&2C7C8DEF&0&00E4
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Device ID: BTH\MS_BTHPAN\7&17E448B3&0&2
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Bluetooth Device (RFCOMM Protocol TDI)
Description: Bluetooth Device (RFCOMM Protocol TDI)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RFCOMM
Device ID: BTH\MS_RFCOMM\7&17E448B3&0&0
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Broadcom Virtual Wireless Adapter
Description: Broadcom Virtual Wireless Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BcmVWL
Device ID: ROOT\NET\0000
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 38%
Total physical RAM: 16364.31 MB
Available physical RAM: 10038.62 MB
Total Virtual: 32726.83 MB
Available Virtual: 25329.44 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:1844.08 GB) (Free:753.2 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:18.84 GB) (Free:2.33 GB) NTFS
3 Drive e: (DATADRIVE1) (Fixed) (Total:465.76 GB) (Free:61.4 GB) NTFS
8 Drive k: (EASTWEST CCC) (Fixed) (Total:931.51 GB) (Free:154.2 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\PROJECTTRINITY
 
Administrator            Guest                    Johnathan Johnson        
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
25-02-2016 06:54:47 Windows Update
29-02-2016 15:12:23 Windows Update
03-03-2016 05:55:43 Before the BeepingComputer Arc
 
**** End of log ****
 

 



#6 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:44 AM

Posted 03 March 2016 - 03:35 AM

Hi ,

turn off all computers, iphones, ...
then unplug the power cable from the router,
then unplug the power cable from the (Cable) modem

....let it OFF for about 5 minutes.

Then with the computers still off,
plug back in the Cable modem power cable.

...when all the lights come on:
then plug in the router,

when all the lights come back on:
then start all computers:

Now check if your problem still exists.
Post results here!

***


How the computer is running now?

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#7 ProjectTrinity

ProjectTrinity
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:04:44 AM

Posted 03 March 2016 - 07:10 AM

Did as directed, but to no avail; the internet still slows down at random on this computer only. 



#8 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:44 AM

Posted 03 March 2016 - 07:44 AM

Hello,

:step1: Run Malwarebytes Anti-Rootkit again: Right-click mbar.exe and select Run As Administrator
  • Scan your system for malware
  • If malware is found, click on the Cleanup
  • button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • then please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


:step2: Double click on AdwCleaner.exe to run the tool again.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove". Look through the scan results and uncheck any entries that you do not wish to remove.
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[C#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

***


:step3: Please download Junkware Removal Tool from HERE and save it to your desktop.
Shutdown your antivirus to avoid any potential conflicts.
Double click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.

***


:step4: Scan with SystemLook
  • Please download SystemLook (32-bit) by jpshortstuff and save it to your desktop
  • Please download SystemLook (64-bit) by jpshortstuff and save it to your desktop For 64-bit users
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following code box into the main textfield:
:reg 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions /sub
HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions /sub
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions /sub

:regfind
DNS Unlocker
DNSUnlocker
DNSPRESTONSBURG 
System32\Tasks
Windows\Tasks
BootExecute
SecurityProviders
AppInit_DLLs
Userinit

NameServer

DhcpNameServer
Chrome\User Data\Default\Extensions
.crx
MozillaPlugins
.xpi

:folderfind
C:\Program Files (x86)\DNS Unlocker

:filefind
C:\Windows\System32\Tasks\DNSPRESTONSBURG
*.xpi
*.crx
*Chrome\Extensions*
*Chrome\User Data\Default\Extensions*
  • Click the Look button to start the scan (may take 5 ... 15 min.)
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
  • Please copy and paste the log to your reply.

***


:step5: How the computer is running now?

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#9 ProjectTrinity

ProjectTrinity
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:04:44 AM

Posted 03 March 2016 - 09:43 AM

Alright, here we go!
 
"Malwarebytes Anti-Rootkid Log" (No Malware Found)
 
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
 
Database version:
  main:    v2016.03.03.01
  rootkit: v2016.02.27.01
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18204
Johnathan Johnson :: PROJECTTRINITY [administrator]
 
3/3/2016 12:57:56 AM
mbar-log-2016-03-03 (00-57-56).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 470242
Time elapsed: 29 minute(s), 8 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
------
 
"AdwCleaner Log" (Kept "Play" software again)
 
# AdwCleaner v5.037 - Logfile created 03/03/2016 at 09:04:57
# Updated 28/02/2016 by Xplode
# Database : 2016-03-02.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Johnathan Johnson - PROJECTTRINITY
# Running from : C:\Users\Johnathan Johnson\Desktop\AdwCleaner.exe
# Option : Clean
# Support : http://toolslib.net/forum
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[x] Folder Not Deleted : C:\Users\Johnathan Johnson\Documents\Play
 
***** [ Files ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [1840 bytes] - [20/02/2016 02:09:49]
C:\AdwCleaner\AdwCleaner[C2].txt - [1186 bytes] - [01/03/2016 07:59:36]
C:\AdwCleaner\AdwCleaner[C29].txt - [1392 bytes] - [02/09/2015 18:12:05]
C:\AdwCleaner\AdwCleaner[C3].txt - [1094 bytes] - [03/03/2016 09:04:57]
C:\AdwCleaner\AdwCleaner[C30].txt - [1264 bytes] - [12/10/2015 01:10:51]
C:\AdwCleaner\AdwCleaner[C31].txt - [1735 bytes] - [08/01/2016 16:18:29]
C:\AdwCleaner\AdwCleaner[C32].txt - [1368 bytes] - [11/01/2016 04:04:29]
C:\AdwCleaner\AdwCleaner[C34].txt - [4560 bytes] - [21/01/2016 01:04:02]
C:\AdwCleaner\AdwCleaner[C35].txt - [1073 bytes] - [18/02/2016 19:32:37]
C:\AdwCleaner\AdwCleaner[R0].txt - [2427 bytes] - [27/01/2014 19:06:36]
C:\AdwCleaner\AdwCleaner[R1].txt - [2391 bytes] - [21/06/2014 13:18:28]
C:\AdwCleaner\AdwCleaner[R10].txt - [1903 bytes] - [22/12/2014 16:37:51]
C:\AdwCleaner\AdwCleaner[R11].txt - [4288 bytes] - [12/01/2015 19:08:06]
C:\AdwCleaner\AdwCleaner[R12].txt - [1878 bytes] - [26/01/2015 22:16:38]
C:\AdwCleaner\AdwCleaner[R13].txt - [2482 bytes] - [28/01/2015 15:36:00]
C:\AdwCleaner\AdwCleaner[R14].txt - [2796 bytes] - [24/02/2015 10:13:04]
C:\AdwCleaner\AdwCleaner[R15].txt - [2402 bytes] - [01/03/2015 22:46:25]
C:\AdwCleaner\AdwCleaner[R16].txt - [2920 bytes] - [01/03/2015 22:53:02]
C:\AdwCleaner\AdwCleaner[R17].txt - [341 bytes] - [02/03/2015 09:00:21]
C:\AdwCleaner\AdwCleaner[R18].txt - [3105 bytes] - [02/03/2015 09:06:02]
C:\AdwCleaner\AdwCleaner[R19].txt - [2672 bytes] - [02/03/2015 09:18:36]
C:\AdwCleaner\AdwCleaner[R2].txt - [2626 bytes] - [10/09/2014 22:42:24]
C:\AdwCleaner\AdwCleaner[R20].txt - [2732 bytes] - [02/03/2015 09:39:39]
C:\AdwCleaner\AdwCleaner[R21].txt - [2792 bytes] - [02/03/2015 09:55:21]
C:\AdwCleaner\AdwCleaner[R22].txt - [3458 bytes] - [02/03/2015 09:57:54]
C:\AdwCleaner\AdwCleaner[R23].txt - [3518 bytes] - [02/03/2015 10:25:49]
C:\AdwCleaner\AdwCleaner[R24].txt - [352 bytes] - [06/03/2015 09:41:09]
C:\AdwCleaner\AdwCleaner[R25].txt - [352 bytes] - [06/03/2015 09:41:27]
C:\AdwCleaner\AdwCleaner[R26].txt - [3774 bytes] - [06/03/2015 09:48:54]
C:\AdwCleaner\AdwCleaner[R27].txt - [3333 bytes] - [06/03/2015 10:11:53]
C:\AdwCleaner\AdwCleaner[R28].txt - [3355 bytes] - [06/03/2015 10:22:22]
C:\AdwCleaner\AdwCleaner[R29].txt - [3853 bytes] - [11/03/2015 20:27:55]
C:\AdwCleaner\AdwCleaner[R3].txt - [1087 bytes] - [02/10/2014 12:42:21]
C:\AdwCleaner\AdwCleaner[R30].txt - [3578 bytes] - [12/03/2015 00:28:54]
C:\AdwCleaner\AdwCleaner[R31].txt - [3743 bytes] - [12/03/2015 14:04:39]
C:\AdwCleaner\AdwCleaner[R32].txt - [4792 bytes] - [06/04/2015 20:54:25]
C:\AdwCleaner\AdwCleaner[R33].txt - [4785 bytes] - [18/04/2015 20:15:34]
C:\AdwCleaner\AdwCleaner[R34].txt - [4859 bytes] - [24/04/2015 03:31:21]
C:\AdwCleaner\AdwCleaner[R35].txt - [4071 bytes] - [24/04/2015 08:15:22]
C:\AdwCleaner\AdwCleaner[R36].txt - [4754 bytes] - [24/04/2015 11:26:53]
C:\AdwCleaner\AdwCleaner[R37].txt - [4835 bytes] - [24/04/2015 11:49:25]
C:\AdwCleaner\AdwCleaner[R38].txt - [4895 bytes] - [24/04/2015 11:51:10]
C:\AdwCleaner\AdwCleaner[R39].txt - [5054 bytes] - [25/04/2015 03:49:21]
C:\AdwCleaner\AdwCleaner[R4].txt - [1160 bytes] - [11/10/2014 15:58:37]
C:\AdwCleaner\AdwCleaner[R40].txt - [5114 bytes] - [25/04/2015 03:57:22]
C:\AdwCleaner\AdwCleaner[R41].txt - [5479 bytes] - [25/04/2015 04:50:16]
C:\AdwCleaner\AdwCleaner[R42].txt - [5599 bytes] - [25/04/2015 11:38:01]
C:\AdwCleaner\AdwCleaner[R43].txt - [5726 bytes] - [08/05/2015 19:16:03]
C:\AdwCleaner\AdwCleaner[R44].txt - [5775 bytes] - [10/05/2015 01:08:07]
C:\AdwCleaner\AdwCleaner[R45].txt - [5553 bytes] - [10/05/2015 01:35:35]
C:\AdwCleaner\AdwCleaner[R46].txt - [5081 bytes] - [10/05/2015 01:39:48]
C:\AdwCleaner\AdwCleaner[R47].txt - [5141 bytes] - [10/05/2015 01:52:00]
C:\AdwCleaner\AdwCleaner[R48].txt - [5636 bytes] - [02/07/2015 05:53:51]
C:\AdwCleaner\AdwCleaner[R49].txt - [5695 bytes] - [08/07/2015 22:00:53]
C:\AdwCleaner\AdwCleaner[R5].txt - [1421 bytes] - [19/10/2014 20:06:43]
C:\AdwCleaner\AdwCleaner[R50].txt - [5756 bytes] - [20/07/2015 19:17:30]
C:\AdwCleaner\AdwCleaner[R51].txt - [5815 bytes] - [21/07/2015 01:35:43]
C:\AdwCleaner\AdwCleaner[R52].txt - [5844 bytes] - [02/08/2015 22:26:27]
C:\AdwCleaner\AdwCleaner[R53].txt - [5682 bytes] - [09/08/2015 07:43:24]
C:\AdwCleaner\AdwCleaner[R54].txt - [5742 bytes] - [11/08/2015 15:17:22]
C:\AdwCleaner\AdwCleaner[R55].txt - [5802 bytes] - [19/08/2015 01:26:19]
C:\AdwCleaner\AdwCleaner[R56].txt - [5862 bytes] - [25/08/2015 19:52:18]
C:\AdwCleaner\AdwCleaner[R57].txt - [6200 bytes] - [31/08/2015 20:25:43]
C:\AdwCleaner\AdwCleaner[R58].txt - [6320 bytes] - [01/09/2015 23:34:04]
C:\AdwCleaner\AdwCleaner[R6].txt - [1888 bytes] - [07/11/2014 15:45:23]
C:\AdwCleaner\AdwCleaner[R64].txt - [6829 bytes] - [19/01/2016 16:32:43]
C:\AdwCleaner\AdwCleaner[R65].txt - [6743 bytes] - [19/01/2016 17:22:13]
C:\AdwCleaner\AdwCleaner[R66].txt - [13792 bytes] - [20/01/2016 23:29:09]
C:\AdwCleaner\AdwCleaner[R67].txt - [7049 bytes] - [18/02/2016 10:45:59]
C:\AdwCleaner\AdwCleaner[R7].txt - [1597 bytes] - [11/11/2014 08:14:18]
C:\AdwCleaner\AdwCleaner[R70].txt - [7339 bytes] - [22/02/2016 18:22:55]
C:\AdwCleaner\AdwCleaner[R71].txt - [7413 bytes] - [23/02/2016 20:28:08]
C:\AdwCleaner\AdwCleaner[R72].txt - [7474 bytes] - [01/03/2016 07:43:47]
C:\AdwCleaner\AdwCleaner[R8].txt - [1443 bytes] - [11/11/2014 08:30:33]
C:\AdwCleaner\AdwCleaner[R9].txt - [1804 bytes] - [03/12/2014 21:15:35]
C:\AdwCleaner\AdwCleaner[S0].txt - [2676 bytes] - [10/09/2014 22:45:25]
C:\AdwCleaner\AdwCleaner[S1].txt - [3726 bytes] - [07/11/2014 16:00:43]
C:\AdwCleaner\AdwCleaner[S10].txt - [12294 bytes] - [02/03/2015 09:08:45]
C:\AdwCleaner\AdwCleaner[S11].txt - [11976 bytes] - [02/03/2015 09:56:19]
C:\AdwCleaner\AdwCleaner[S12].txt - [3593 bytes] - [02/03/2015 10:26:45]
C:\AdwCleaner\AdwCleaner[S13].txt - [3849 bytes] - [06/03/2015 10:09:29]
C:\AdwCleaner\AdwCleaner[S14].txt - [3402 bytes] - [06/03/2015 10:13:55]
C:\AdwCleaner\AdwCleaner[S15].txt - [3929 bytes] - [11/03/2015 20:30:36]
C:\AdwCleaner\AdwCleaner[S16].txt - [4876 bytes] - [06/04/2015 20:56:48]
C:\AdwCleaner\AdwCleaner[S17].txt - [4867 bytes] - [18/04/2015 20:17:02]
C:\AdwCleaner\AdwCleaner[S18].txt - [4939 bytes] - [24/04/2015 04:10:51]
C:\AdwCleaner\AdwCleaner[S19].txt - [4830 bytes] - [24/04/2015 11:46:41]
C:\AdwCleaner\AdwCleaner[S2].txt - [2935 bytes] - [11/11/2014 08:16:30]
C:\AdwCleaner\AdwCleaner[S20].txt - [4971 bytes] - [24/04/2015 11:52:10]
C:\AdwCleaner\AdwCleaner[S21].txt - [5189 bytes] - [25/04/2015 03:59:12]
C:\AdwCleaner\AdwCleaner[S22].txt - [5228 bytes] - [25/04/2015 05:00:30]
C:\AdwCleaner\AdwCleaner[S23].txt - [5531 bytes] - [25/04/2015 11:39:29]
C:\AdwCleaner\AdwCleaner[S24].txt - [5629 bytes] - [10/05/2015 01:36:21]
C:\AdwCleaner\AdwCleaner[S25].txt - [5918 bytes] - [02/08/2015 22:35:22]
C:\AdwCleaner\AdwCleaner[S26].txt - [6274 bytes] - [31/08/2015 20:27:17]
C:\AdwCleaner\AdwCleaner[S27].txt - [6394 bytes] - [01/09/2015 23:41:09]
C:\AdwCleaner\AdwCleaner[S3].txt - [2716 bytes] - [04/12/2014 00:30:54]
C:\AdwCleaner\AdwCleaner[S32].txt - [6899 bytes] - [19/01/2016 16:37:06]
C:\AdwCleaner\AdwCleaner[S35].txt - [7405 bytes] - [22/02/2016 18:30:03]
C:\AdwCleaner\AdwCleaner[S4].txt - [2814 bytes] - [22/12/2014 16:40:34]
C:\AdwCleaner\AdwCleaner[S5].txt - [5241 bytes] - [12/01/2015 20:01:06]
C:\AdwCleaner\AdwCleaner[S6].txt - [3382 bytes] - [28/01/2015 15:47:14]
C:\AdwCleaner\AdwCleaner[S60].txt - [1294 bytes] - [02/09/2015 18:09:42]
C:\AdwCleaner\AdwCleaner[S61].txt - [1173 bytes] - [04/09/2015 00:06:34]
C:\AdwCleaner\AdwCleaner[S62].txt - [1172 bytes] - [12/10/2015 00:44:45]
C:\AdwCleaner\AdwCleaner[S63].txt - [1597 bytes] - [08/01/2016 16:15:26]
C:\AdwCleaner\AdwCleaner[S64].txt - [1248 bytes] - [11/01/2016 03:35:13]
C:\AdwCleaner\AdwCleaner[S68].txt - [1587 bytes] - [21/01/2016 00:57:22]
C:\AdwCleaner\AdwCleaner[S69].txt - [4248 bytes] - [21/01/2016 01:00:16]
C:\AdwCleaner\AdwCleaner[S7].txt - [2864 bytes] - [24/02/2015 10:14:35]
C:\AdwCleaner\AdwCleaner[S70].txt - [965 bytes] - [18/02/2016 19:12:58]
C:\AdwCleaner\AdwCleaner[S8].txt - [3543 bytes] - [01/03/2015 22:48:03]
C:\AdwCleaner\AdwCleaner[S9].txt - [12112 bytes] - [01/03/2015 23:08:50]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [9213 bytes] ##########
 
-----
 
"Junkware Removal LTool Log"
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Windows 7 Professional x64 
Ran by Johnathan Johnson (Administrator) on Thu 03/03/2016 at  9:10:40.98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 43 
 
Failed to delete: C:\Users\Johnathan Johnson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X5JN3EJ6 (Temporary Internet Files Folder) 
Failed to delete: C:\Users\Johnathan Johnson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YU1KMKIV (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Johnathan Johnson\AppData\Roaming\3909 (Folder) 
Successfully deleted: C:\Users\Johnathan Johnson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Johnathan Johnson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Johnathan Johnson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\96HCJXNU (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Johnathan Johnson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9P0NAUA2 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Johnathan Johnson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AVM97T1D (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Johnathan Johnson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DM70TBXK (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Johnathan Johnson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DR1RK7AR (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Johnathan Johnson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Johnathan Johnson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LGSBE4BX (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Johnathan Johnson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Johnathan Johnson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9V9QI1D (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Johnathan Johnson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MCOTSWW3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Johnathan Johnson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RMZVTPMD (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Johnathan Johnson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S1LQNH38 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Johnathan Johnson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S3PP3VPO (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Johnathan Johnson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SFZOY4L3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Johnathan Johnson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SNMCLXQ2 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Johnathan Johnson\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VLG4F7UK (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\prefetch\FREEMAKEVC.EXE-50CE5925.pf (File) 
Successfully deleted: C:\Windows\prefetch\FREEMAKEVIDEOCONVERTER.EXE-60CAA5BB.pf (File) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\96HCJXNU (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9P0NAUA2 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AVM97T1D (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DM70TBXK (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DR1RK7AR (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LGSBE4BX (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9V9QI1D (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MCOTSWW3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RMZVTPMD (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S1LQNH38 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S3PP3VPO (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SFZOY4L3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SNMCLXQ2 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VLG4F7UK (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X5JN3EJ6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YU1KMKIV (Temporary Internet Files Folder) 
 
 
 
Registry: 5 
 
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_79742291F3DD8C7248C732DFC7D5FAB7 (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4620560F-DFD0-430C-8768-1EB20173E1A8} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{4620560F-DFD0-430C-8768-1EB20173E1A8} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 03/03/2016 at  9:15:40.38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-----
 
"System Look Log"
 
SystemLook 30.07.11 by jpshortstuff
Log created at 09:23 on 03/03/2016 by Johnathan Johnson
Administrator - Elevation successful
 
========== reg ==========
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe"
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe"
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"
"BeatsOSDApp"="C:\Program Files\IDT\WDM\beats64.exe"
"iTunesHelper"=""C:\Program Files\iTunes\iTunesHelper.exe""
"MSC"=""c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey"
"Zune Launcher"=""C:\Program Files\Zune\ZuneLauncher.exe""
"AdobeAAMUpdater-1.0"=""C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe""
 
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"=""C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe""
"f.lux"=""C:\Users\Johnathan Johnson\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow"
"WinPatrol"="C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe -expressboot"
"Dropbox Update"=""C:\Users\Johnathan Johnson\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c"
"Akamai NetSession Interface"=""C:\Users\Johnathan Johnson\AppData\Local\Akamai\netsession_win.exe""
"GoogleDriveSync"=""C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart"
"Skype"=""C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun"
 
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
(No values found)
 
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
(No values found)
 
 
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
(No values found)
 
 
[HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions]
(Unable to open key - key not found)
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions]
(No values found)
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}]
"Default Visible"="Yes"
"ButtonText"="Send to OneNote"
"MenuText"="Se&nd to OneNote"
"ToolTip"="Send to OneNote"
"HotIcon"="C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll,103"
"Icon"="C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll,103"
"CLSID"="{1FBA04EE-3024-11d2-8F1F-0000F87ABD16}"
"ClsidExtension"="{48E73304-E1D6-4330-914C-F5F514E3486C}"
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}]
"KeyPath"="Yes"
"ButtonText"="OneNote Lin&ked Notes"
"MenuText"="OneNote Lin&ked Notes"
"ToolTip"="OneNote Linked Notes"
"Default Visible"="Yes"
"HotIcon"="C:\PROGRA~1\MICROS~3\Office14\ONBTTN~1.DLL,103"
"Icon"="C:\PROGRA~1\MICROS~3\Office14\ONBTTN~1.DLL,103"
"CLSID"="{1FBA04EE-3024-11d2-8F1F-0000F87ABD16}"
"ClsidExtension"="{FFFDC614-B694-4AE6-AB38-5D6374584B52}"
 
 
========== regfind ==========
 
Searching for "DNS Unlocker"
No data found.
 
Searching for "DNSUnlocker"
No data found.
 
Searching for "DNSPRESTONSBURG "
No data found.
 
Searching for "System32\Tasks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32]
@="C:\Windows\system32\taskschd.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C86F320-DEE3-4DD1-B972-A303F26B061E}\InprocServer32]
@="C:\Windows\system32\TaskSchdPS.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{e34cb9f1-c7f7-424c-be29-027dcc09363a}\1.0\0\win64]
@="C:\Windows\system32\taskschd.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{e34cb9f1-c7f7-424c-be29-027dcc09363a}\1.0\0\win64]
@="C:\Windows\system32\taskschd.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{e34cb9f1-c7f7-424c-be29-027dcc09363a}\1.0\0\win64]
@="C:\Windows\system32\taskschd.dll"
 
Searching for "Windows\Tasks"
No data found.
 
Searching for "BootExecute"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-smss-bootexecute_31bf3856ad364e35_none_2f98bf433f61b9b2]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\wow64_microsoft-windows-smss-bootexecute_31bf3856ad364e35_none_39ed699573c27bad]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager]
"BootExecute"="autocheck autochk * sdnclean64.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Session Manager]
"BootExecute"="autocheck autochk * sdnclean64.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
"BootExecute"="autocheck autochk * sdnclean64.exe"
 
Searching for "SecurityProviders"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders]
"SecurityProviders"="credssp.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SecurityProviders]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SecurityProviders]
"SecurityProviders"="credssp.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"="credssp.dll"
 
Searching for "AppInit_DLLs"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
"APPINIT_DLLS"="SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS"
 
Searching for "Userinit"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup]
"C:\Windows\System32\userinit.exe"="04/25/2015 2:40 AM"
[HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\ActiveRun]
"C:\WINDOWS\SYSTEM32\USERINIT.EXE"="Winlogon Userinit"
[HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run]
"C:\Windows\System32\userinit.exe"="250"
[HKEY_CURRENT_USER\Software\Microsoft\Office\Common\UserInfo]
"UserInitials"="JJ"
[HKEY_LOCAL_MACHINE\SOFTWARE\Intel\IntelAMTUNS\credentials]
"GetUserInitiatedEnabled"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Intel\IntelAMTUNS\credentials]
"OpenUserInitiatedConnection"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Intel\IntelAMTUNS\credentials]
"CloseUserInitiatedConnection"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-userinit.resources_31bf3856ad364e35_en-us_903c6331299f704a]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-userinit_31bf3856ad364e35_none_a11115c99b789ded]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-userinit.resources_31bf3856ad364e35_en-us_341dc7ad7141ff14]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-userinit_31bf3856ad364e35_none_44f27a45e31b2cb7]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\Windows\system32\userinit.exe,"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\Windows\system32\userinit.exe,"
[HKEY_USERS\S-1-5-21-4278035339-1315755430-380327878-1001\Software\BillP Studios\Detected\Startup]
"C:\Windows\System32\userinit.exe"="04/25/2015 2:40 AM"
[HKEY_USERS\S-1-5-21-4278035339-1315755430-380327878-1001\Software\BillP Studios\WinPatrol\ActiveRun]
"C:\WINDOWS\SYSTEM32\USERINIT.EXE"="Winlogon Userinit"
[HKEY_USERS\S-1-5-21-4278035339-1315755430-380327878-1001\Software\BillP Studios\WinPatrol\Run]
"C:\Windows\System32\userinit.exe"="250"
[HKEY_USERS\S-1-5-21-4278035339-1315755430-380327878-1001\Software\Microsoft\Office\Common\UserInfo]
"UserInitials"="JJ"
 
Searching for "NameServer"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{071716C7-3D5F-4022-8C45-93F522DE7F5E}]
@="INameServerEvents"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{BC0D4191-7672-4f44-B78C-C87FFF24DC39}]
@="INameServer"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{071716C7-3D5F-4022-8C45-93F522DE7F5E}]
@="INameServerEvents"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{BC0D4191-7672-4f44-B78C-C87FFF24DC39}]
@="INameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dhcp\Parameters\Options\44]
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_?\DhcpNameServerList SYSTEM\CurrentControlSet\Services\NetBT\Adapters\?\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dhcp\Parameters\Options\6]
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpNameServer SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\Interfaces\Tcpip_{0414BDE4-6A2C-4F36-A0B2-F246FE32FE88}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\Interfaces\Tcpip_{4346B02B-2A12-4881-8651-C596491D8AD8}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\Interfaces\Tcpip_{5A05F409-94DD-4574-BB0A-E0A8FC903EBF}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\Interfaces\Tcpip_{6567684C-0BAD-4F70-88F6-46B05E98E337}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\Interfaces\Tcpip_{7553C4FF-8654-446B-AA83-55865F0F3908}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\Interfaces\Tcpip_{B81288A4-FE3F-4ED1-895C-17EAF1D5F97E}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\Interfaces\Tcpip_{E976788D-0861-4A72-99BB-11804FC3023D}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{0414BDE4-6A2C-4F36-A0B2-F246FE32FE88}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{4346B02B-2A12-4881-8651-C596491D8AD8}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{5A05F409-94DD-4574-BB0A-E0A8FC903EBF}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{5A05F409-94DD-4574-BB0A-E0A8FC903EBF}]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{6567684C-0BAD-4F70-88F6-46B05E98E337}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\84F4D454D263032323]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\84F4D454D263032323]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\876696E696479777966696]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\876696E696479777966696]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\D49734861627475627759664963643D22374]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\D49734861627475627759664963643D22374]
"DhcpNameServer"="192.168.1.1"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{B81288A4-FE3F-4ED1-895C-17EAF1D5F97E}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{E976788D-0861-4A72-99BB-11804FC3023D}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TCPIP6\Parameters\Interfaces\{0414bde4-6a2c-4f36-a0b2-f246fe32fe88}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TCPIP6\Parameters\Interfaces\{36ee175c-6798-45bf-b625-16361c08c4e5}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TCPIP6\Parameters\Interfaces\{4346b02b-2a12-4881-8651-c596491d8ad8}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TCPIP6\Parameters\Interfaces\{7553c4ff-8654-446b-aa83-55865f0f3908}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TCPIP6\Parameters\Interfaces\{b81288a4-fe3f-4ed1-895c-17eaf1d5f97e}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TCPIP6\Parameters\Interfaces\{e3890cfe-7754-4545-bdc2-0ffa856bf609}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TCPIP6\Parameters\Interfaces\{e976788d-0861-4a72-99bb-11804fc3023d}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Dhcp\Parameters\Options\44]
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_?\DhcpNameServerList SYSTEM\CurrentControlSet\Services\NetBT\Adapters\?\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Dhcp\Parameters\Options\6]
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpNameServer SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\NetBT\Parameters\Interfaces\Tcpip_{0414BDE4-6A2C-4F36-A0B2-F246FE32FE88}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\NetBT\Parameters\Interfaces\Tcpip_{4346B02B-2A12-4881-8651-C596491D8AD8}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\NetBT\Parameters\Interfaces\Tcpip_{5A05F409-94DD-4574-BB0A-E0A8FC903EBF}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\NetBT\Parameters\Interfaces\Tcpip_{6567684C-0BAD-4F70-88F6-46B05E98E337}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\NetBT\Parameters\Interfaces\Tcpip_{7553C4FF-8654-446B-AA83-55865F0F3908}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\NetBT\Parameters\Interfaces\Tcpip_{B81288A4-FE3F-4ED1-895C-17EAF1D5F97E}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\NetBT\Parameters\Interfaces\Tcpip_{E976788D-0861-4A72-99BB-11804FC3023D}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{0414BDE4-6A2C-4F36-A0B2-F246FE32FE88}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{4346B02B-2A12-4881-8651-C596491D8AD8}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{5A05F409-94DD-4574-BB0A-E0A8FC903EBF}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{5A05F409-94DD-4574-BB0A-E0A8FC903EBF}]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{6567684C-0BAD-4F70-88F6-46B05E98E337}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\84F4D454D263032323]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\84F4D454D263032323]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\876696E696479777966696]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\876696E696479777966696]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\D49734861627475627759664963643D22374]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\D49734861627475627759664963643D22374]
"DhcpNameServer"="192.168.1.1"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{B81288A4-FE3F-4ED1-895C-17EAF1D5F97E}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{E976788D-0861-4A72-99BB-11804FC3023D}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\TCPIP6\Parameters\Interfaces\{0414bde4-6a2c-4f36-a0b2-f246fe32fe88}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\TCPIP6\Parameters\Interfaces\{36ee175c-6798-45bf-b625-16361c08c4e5}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\TCPIP6\Parameters\Interfaces\{4346b02b-2a12-4881-8651-c596491d8ad8}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\TCPIP6\Parameters\Interfaces\{7553c4ff-8654-446b-aa83-55865f0f3908}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\TCPIP6\Parameters\Interfaces\{b81288a4-fe3f-4ed1-895c-17eaf1d5f97e}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\TCPIP6\Parameters\Interfaces\{e3890cfe-7754-4545-bdc2-0ffa856bf609}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\TCPIP6\Parameters\Interfaces\{e976788d-0861-4a72-99bb-11804fc3023d}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dhcp\Parameters\Options\44]
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_?\DhcpNameServerList SYSTEM\CurrentControlSet\Services\NetBT\Adapters\?\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dhcp\Parameters\Options\6]
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpNameServer SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{0414BDE4-6A2C-4F36-A0B2-F246FE32FE88}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{4346B02B-2A12-4881-8651-C596491D8AD8}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{5A05F409-94DD-4574-BB0A-E0A8FC903EBF}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{6567684C-0BAD-4F70-88F6-46B05E98E337}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{7553C4FF-8654-446B-AA83-55865F0F3908}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{B81288A4-FE3F-4ED1-895C-17EAF1D5F97E}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{E976788D-0861-4A72-99BB-11804FC3023D}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{0414BDE4-6A2C-4F36-A0B2-F246FE32FE88}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{4346B02B-2A12-4881-8651-C596491D8AD8}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{5A05F409-94DD-4574-BB0A-E0A8FC903EBF}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{5A05F409-94DD-4574-BB0A-E0A8FC903EBF}]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{6567684C-0BAD-4F70-88F6-46B05E98E337}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\84F4D454D263032323]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\84F4D454D263032323]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\876696E696479777966696]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\876696E696479777966696]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\D49734861627475627759664963643D22374]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\D49734861627475627759664963643D22374]
"DhcpNameServer"="192.168.1.1"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{B81288A4-FE3F-4ED1-895C-17EAF1D5F97E}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{E976788D-0861-4A72-99BB-11804FC3023D}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters\Interfaces\{0414bde4-6a2c-4f36-a0b2-f246fe32fe88}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters\Interfaces\{36ee175c-6798-45bf-b625-16361c08c4e5}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters\Interfaces\{4346b02b-2a12-4881-8651-c596491d8ad8}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters\Interfaces\{7553c4ff-8654-446b-aa83-55865f0f3908}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters\Interfaces\{b81288a4-fe3f-4ed1-895c-17eaf1d5f97e}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters\Interfaces\{e3890cfe-7754-4545-bdc2-0ffa856bf609}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters\Interfaces\{e976788d-0861-4a72-99bb-11804fc3023d}]
"NameServer"=""
 
Searching for "DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dhcp\Parameters\Options\44]
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_?\DhcpNameServerList SYSTEM\CurrentControlSet\Services\NetBT\Adapters\?\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dhcp\Parameters\Options\6]
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpNameServer SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{5A05F409-94DD-4574-BB0A-E0A8FC903EBF}]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\84F4D454D263032323]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\876696E696479777966696]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\D49734861627475627759664963643D22374]
"DhcpNameServer"="192.168.1.1"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Dhcp\Parameters\Options\44]
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_?\DhcpNameServerList SYSTEM\CurrentControlSet\Services\NetBT\Adapters\?\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Dhcp\Parameters\Options\6]
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpNameServer SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{5A05F409-94DD-4574-BB0A-E0A8FC903EBF}]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\84F4D454D263032323]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\876696E696479777966696]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\D49734861627475627759664963643D22374]
"DhcpNameServer"="192.168.1.1"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dhcp\Parameters\Options\44]
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_?\DhcpNameServerList SYSTEM\CurrentControlSet\Services\NetBT\Adapters\?\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dhcp\Parameters\Options\6]
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpNameServer SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{5A05F409-94DD-4574-BB0A-E0A8FC903EBF}]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\84F4D454D263032323]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\876696E696479777966696]
"DhcpNameServer"="75.75.75.75 75.75.76.76"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}\D49734861627475627759664963643D22374]
"DhcpNameServer"="192.168.1.1"
 
Searching for "Chrome\User Data\Default\Extensions"
No data found.
 
Searching for ".crx"
[HKEY_LOCAL_MACHINE\SOFTWARE\Autodesk\3dsMax\16.0\ObjectDBX\Applications\AecCore70]
"LOADER"="C:\Program Files\Autodesk\3ds Max 2014\AecCore.crx"
[HKEY_LOCAL_MACHINE\SOFTWARE\Autodesk\3dsMax\18.0\ObjectDBX\Applications\AecCore70]
"LOADER"="C:\Program Files\Autodesk\3ds Max 2016\AecCore.crx"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A86801649B917742AE5E407273D796CE]
"7CE73B25638D90400046C342CBDE0201"="C:\Program Files\Autodesk\3ds Max 2014\AecCore.crx"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A86801649B917742AE5E407273D796CE]
"7CE73B25638D01404046C342CBDE0201"="C:\Program Files\Autodesk\3ds Max 2016\AecCore.crx"
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown\cDefaultLaunchAttachmentPerms]
"tBuiltInPermList"="version:1|.ade:3|.adp:3|.app:3|.arc:3|.arj:3|.asp:3|.bas:3|.bat:3|.bz:3|.bz2:3|.cab:3|.chm:3|.class:3|.cmd:3|.com:3|.command:3|.cpl:3|.crt:3|.csh:3|.desktop:3|.dll:3|.exe:3|.fxp:3|.gz:3|.hex:3|.hlp:3|.hqx:3|.hta:3|.inf:3|.ini:3|.ins:3|.isp:3|.its:3|.job:3|.js:3|.jse:3|.ksh:3|.lnk:3|.lzh:3|.mad:3|.maf:3|.mag:3|.mam:3|.maq:3|.mar:3|.mas:3|.mat:3|.mau:3|.mav:3|.maw:3|.mda:3|.mdb:3|.mde:3|.mdt:3|.mdw:3|.mdz:3|.msc:3|.msi:3|.msp:3|.mst:3|.ocx:3|.ops:3|.pcd:3|.pi:3|.pif:3|.prf:3|.prg:3|.pst:3|.rar:3|.reg:3|.scf:3|.scr:3|.sct:3|.sea:3|.shb:3|.shs:3|.sit:3|.tar:3|.taz:3|.tgz:3|.tmp:3|.url:3|.vb:3|.vbe:3|.vbs:3|.vsmacros:3|.vss:3|.vst:3|.vsw:3|.webloc:3|.ws:3|.wsc:3|.wsf:3|.wsh:3|.z:3|.zip:3|.zlo:3|.zoo:3|.pdf:2|.fdf:2|.jar:3|.pkg:3|.tool:3|.term:3|.acm:3|.asa:3|.aspx:3|.ax:3|.ad:3|.application:3|.asx:3|.cer:3|.cfg:3|.chi:3|.class:3|.clb:3|.cnt:3|.cnv:3|.cpx:3|.crx:3|.der:3|.drv:3|.fon:3|.g
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown\cDefaultLaunchAttachmentPerms]
"tBuiltInPermList"="version:1|.ade:3|.adp:3|.app:3|.arc:3|.arj:3|.asp:3|.bas:3|.bat:3|.bz:3|.bz2:3|.cab:3|.chm:3|.class:3|.cmd:3|.com:3|.command:3|.cpl:3|.crt:3|.csh:3|.desktop:3|.dll:3|.exe:3|.fxp:3|.gz:3|.hex:3|.hlp:3|.hqx:3|.hta:3|.inf:3|.ini:3|.ins:3|.isp:3|.its:3|.job:3|.js:3|.jse:3|.ksh:3|.lnk:3|.lzh:3|.mad:3|.maf:3|.mag:3|.mam:3|.maq:3|.mar:3|.mas:3|.mat:3|.mau:3|.mav:3|.maw:3|.mda:3|.mdb:3|.mde:3|.mdt:3|.mdw:3|.mdz:3|.msc:3|.msi:3|.msp:3|.mst:3|.ocx:3|.ops:3|.pcd:3|.pi:3|.pif:3|.prf:3|.prg:3|.pst:3|.rar:3|.reg:3|.scf:3|.scr:3|.sct:3|.sea:3|.shb:3|.shs:3|.sit:3|.tar:3|.taz:3|.tgz:3|.tmp:3|.url:3|.vb:3|.vbe:3|.vbs:3|.vsmacros:3|.vss:3|.vst:3|.vsw:3|.webloc:3|.ws:3|.wsc:3|.wsf:3|.wsh:3|.z:3|.zip:3|.zlo:3|.zoo:3|.pdf:2|.fdf:2|.jar:3|.pkg:3|.tool:3|.term:3|.acm:3|.asa:3|.aspx:3|.ax:3|.ad:3|.application:3|.asx:3|.cer:3|.cfg:3|.chi:3|.class:3|.clb:3|.cnt:3|.cnv:3|.cpx:3|.crx:3|.der:3|.drv
 
Searching for "MozillaPlugins"
[HKEY_CURRENT_USER\Software\MozillaPlugins]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E239E79D0F3E43448AC9DC382C0BD62]
"68AB67CA7DA73301B744CAF070E41400"="02:\Software\MozillaPlugins\Adobe Reader\Path"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins]
[HKEY_USERS\S-1-5-21-4278035339-1315755430-380327878-1001\Software\MozillaPlugins]
 
Searching for ".xpi"
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown\cDefaultLaunchAttachmentPerms]
"tBuiltInPermList"="version:1|.ade:3|.adp:3|.app:3|.arc:3|.arj:3|.asp:3|.bas:3|.bat:3|.bz:3|.bz2:3|.cab:3|.chm:3|.class:3|.cmd:3|.com:3|.command:3|.cpl:3|.crt:3|.csh:3|.desktop:3|.dll:3|.exe:3|.fxp:3|.gz:3|.hex:3|.hlp:3|.hqx:3|.hta:3|.inf:3|.ini:3|.ins:3|.isp:3|.its:3|.job:3|.js:3|.jse:3|.ksh:3|.lnk:3|.lzh:3|.mad:3|.maf:3|.mag:3|.mam:3|.maq:3|.mar:3|.mas:3|.mat:3|.mau:3|.mav:3|.maw:3|.mda:3|.mdb:3|.mde:3|.mdt:3|.mdw:3|.mdz:3|.msc:3|.msi:3|.msp:3|.mst:3|.ocx:3|.ops:3|.pcd:3|.pi:3|.pif:3|.prf:3|.prg:3|.pst:3|.rar:3|.reg:3|.scf:3|.scr:3|.sct:3|.sea:3|.shb:3|.shs:3|.sit:3|.tar:3|.taz:3|.tgz:3|.tmp:3|.url:3|.vb:3|.vbe:3|.vbs:3|.vsmacros:3|.vss:3|.vst:3|.vsw:3|.webloc:3|.ws:3|.wsc:3|.wsf:3|.wsh:3|.z:3|.zip:3|.zlo:3|.zoo:3|.pdf:2|.fdf:2|.jar:3|.pkg:3|.tool:3|.term:3|.acm:3|.asa:3|.aspx:3|.ax:3|.ad:3|.application:3|.asx:3|.cer:3|.cfg:3|.chi:3|.class:3|.clb:3|.cnt:3|.cnv:3|.cpx:3|.crx:3|.der:3|.drv:3|.fon:3|.g
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown\cDefaultLaunchAttachmentPerms]
"tBuiltInPermList"="version:1|.ade:3|.adp:3|.app:3|.arc:3|.arj:3|.asp:3|.bas:3|.bat:3|.bz:3|.bz2:3|.cab:3|.chm:3|.class:3|.cmd:3|.com:3|.command:3|.cpl:3|.crt:3|.csh:3|.desktop:3|.dll:3|.exe:3|.fxp:3|.gz:3|.hex:3|.hlp:3|.hqx:3|.hta:3|.inf:3|.ini:3|.ins:3|.isp:3|.its:3|.job:3|.js:3|.jse:3|.ksh:3|.lnk:3|.lzh:3|.mad:3|.maf:3|.mag:3|.mam:3|.maq:3|.mar:3|.mas:3|.mat:3|.mau:3|.mav:3|.maw:3|.mda:3|.mdb:3|.mde:3|.mdt:3|.mdw:3|.mdz:3|.msc:3|.msi:3|.msp:3|.mst:3|.ocx:3|.ops:3|.pcd:3|.pi:3|.pif:3|.prf:3|.prg:3|.pst:3|.rar:3|.reg:3|.scf:3|.scr:3|.sct:3|.sea:3|.shb:3|.shs:3|.sit:3|.tar:3|.taz:3|.tgz:3|.tmp:3|.url:3|.vb:3|.vbe:3|.vbs:3|.vsmacros:3|.vss:3|.vst:3|.vsw:3|.webloc:3|.ws:3|.wsc:3|.wsf:3|.wsh:3|.z:3|.zip:3|.zlo:3|.zoo:3|.pdf:2|.fdf:2|.jar:3|.pkg:3|.tool:3|.term:3|.acm:3|.asa:3|.aspx:3|.ax:3|.ad:3|.application:3|.asx:3|.cer:3|.cfg:3|.chi:3|.class:3|.clb:3|.cnt:3|.cnv:3|.cpx:3|.crx:3|.der:3|.drv
 
========== folderfind ==========
 
Searching for "C:\Program Files (x86)\DNS Unlocker"
No folders found.
 
========== filefind ==========
 
Searching for "C:\Windows\System32\Tasks\DNSPRESTONSBURG"
No files found.
 
Searching for "*.xpi"
C:\Users\Johnathan Johnson\Desktop\Everything 2016\Everything 2015\June 2015\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions\tor-launcher@torproject.org.xpi --a---- 619694 bytes [00:00 01/01/2000] [00:00 01/01/2000] 1F5725FF70B56D1EFEEA4480552D20DC
C:\Users\Johnathan Johnson\Desktop\Everything 2016\Everything 2015\June 2015\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions\torbutton@torproject.org.xpi --a---- 1283814 bytes [00:00 01/01/2000] [12:10 08/07/2015] FCFCE019235F4B065174F7E7233C5EFF
C:\Users\Johnathan Johnson\Desktop\Everything 2016\Everything 2015\June 2015\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi --a---- 561731 bytes [00:00 01/01/2000] [01:09 21/11/2015] 1AC4D48463C96BA121F0AB932932D0DE
C:\Users\Johnathan Johnson\Desktop\Everything 2016\Everything 2015\June 2015\Tor Browser\Browser\TorBrowser\Data\Browser\profile.meek-http-helper\extensions\meek-http-helper@bamsoftware.com.xpi --a---- 6982 bytes [00:00 01/01/2000] [00:00 01/01/2000] 6922EBACDDD1AC06AC3ECF452C615157
 
Searching for "*.crx"
C:\Autodesk\WI\Autodesk 3ds Max 2014\x64\max\Autodesk\3ds Max 2014\AecCore.crx --a---- 4179784 bytes [17:10 07/02/2013] [17:10 07/02/2013] E7619194A91195A134D7D0FD1F8A9F4A
C:\Autodesk\WI\Autodesk 3ds Max 2016\x64\max\Autodesk\3ds Max 2016\AecCore.crx --a---- 4268840 bytes [07:58 23/01/2015] [07:58 23/01/2015] 368D41CC6F226E5A59131263E48C6E72
C:\Program Files\Autodesk\3ds Max 2014\AecCore.crx --a---- 4179784 bytes [17:10 07/02/2013] [17:10 07/02/2013] E7619194A91195A134D7D0FD1F8A9F4A
C:\Program Files\Autodesk\3ds Max 2016\AecCore.crx --a---- 4268840 bytes [07:58 23/01/2015] [07:58 23/01/2015] 368D41CC6F226E5A59131263E48C6E72
C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx --a---- 69167 bytes [16:00 20/01/2014] [08:05 18/01/2014] 916D9FBCE5B015A18522DE15165264C9
C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\default_apps\docs.crx --a---- 4578 bytes [20:35 10/02/2016] [03:30 09/02/2016] 2C71C49F991095A1848624907BACBB08
C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\default_apps\drive.crx --a---- 25561 bytes [20:35 10/02/2016] [03:30 09/02/2016] 71E1283B8440F6264CEC99DF9AD81F5B
C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\default_apps\gmail.crx --a---- 24040 bytes [20:35 10/02/2016] [03:30 09/02/2016] 2E2E328E5BF6BE61203164B3E9EA8094
C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\default_apps\search.crx --a---- 26392 bytes [20:35 10/02/2016] [03:30 09/02/2016] 8AD223868AB9974F7746D0227730A0CC
C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\default_apps\youtube.crx --a---- 23668 bytes [20:35 10/02/2016] [03:30 09/02/2016] D2F6A1B11344D9AC7BCFB75900D4ADE1
C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\default_apps\docs.crx --a---- 4578 bytes [21:41 19/02/2016] [03:45 18/02/2016] 2C71C49F991095A1848624907BACBB08
C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\default_apps\drive.crx --a---- 25561 bytes [21:41 19/02/2016] [03:45 18/02/2016] 71E1283B8440F6264CEC99DF9AD81F5B
C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\default_apps\gmail.crx --a---- 24040 bytes [21:41 19/02/2016] [03:45 18/02/2016] 2E2E328E5BF6BE61203164B3E9EA8094
C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\default_apps\search.crx --a---- 26392 bytes [21:41 19/02/2016] [03:45 18/02/2016] 8AD223868AB9974F7746D0227730A0CC
C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\default_apps\youtube.crx --a---- 23668 bytes [21:41 19/02/2016] [03:45 18/02/2016] D2F6A1B11344D9AC7BCFB75900D4ADE1
C:\Users\Johnathan Johnson\AppData\Local\Temp\_MEI34282\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx --a---- 25575 bytes [14:07 03/03/2016] [14:07 03/03/2016] 82F5C942549405F61A8808D0EA0FA9E2
C:\Users\Johnathan Johnson\AppData\Local\Temp\_MEI34282\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx --a---- 1945 bytes [14:07 03/03/2016] [14:07 03/03/2016] DE0983FE4B830699312D35A990B3AE1B
 
Searching for "*Chrome\Extensions*"
No files found.
 
Searching for "*Chrome\User Data\Default\Extensions*"
No files found.
 
-= EOF =-
 
---
 
EDIT: I'll let you know how it runs and get back to you within the hour.
 
EDIT 2: The slow internet persists. It was normal for a while, but per usual, it slowed down.

Edited by Queen-Evie, 03 March 2016 - 11:23 AM.
moved tag deleted from this post. It should have been in the first post of the topic


#10 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:44 AM

Posted 03 March 2016 - 11:19 AM

I will ask a moderator to move your Topic to this Forum Section:
http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/

There we can use advanced tools and scripts.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#11 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:44 AM

Posted 03 March 2016 - 11:25 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/606032 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#12 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:44 AM

Posted 03 March 2016 - 11:30 AM

OK, topic is moved.

Please confirm to the helpbot in post #11 that you still need help and download FRST by Farbar and run the tool as instructed, thanks.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#13 ProjectTrinity

ProjectTrinity
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:04:44 AM

Posted 03 March 2016 - 12:06 PM

  • Slow internet on this computer and this computer alone; followed thread's advice on how to get rid of the problem with various removal tools.
  • new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
  • The original Windows 7 CD was not provided for me upon purchase, though the computer did come with software that would let you download necessary recovery tools.

 

"FRST Log"

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-03-2016
Ran by Johnathan Johnson (administrator) on PROJECTTRINITY (03-03-2016 11:59:34)
Running from C:\Users\Johnathan Johnson\Desktop
Loaded Profiles: Johnathan Johnson (Available Profiles: Johnathan Johnson)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
() C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [7172096 2011-11-24] (Broadcom Corporation)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2011-09-14] (Hewlett-Packard )
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-12] (PDF Complete Inc)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-23] (Autodesk Inc.)
HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-01-04] (AMD)
HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\Run: [f.lux] => C:\Users\Johnathan Johnson\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1163264 2015-03-30] (Ruiware LLC)
HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\Run: [Dropbox Update] => C:\Users\Johnathan Johnson\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Johnathan Johnson\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23499656 2016-01-15] (Google)
HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-02] (Skype Technologies S.A.)
Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-03-23]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Johnathan Johnson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{5A05F409-94DD-4574-BB0A-E0A8FC903EBF}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{7553C4FF-8654-446B-AA83-55865F0F3908}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-4278035339-1315755430-380327878-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4278035339-1315755430-380327878-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?ocid=U220DHP&pc=U220
HKU\S-1-5-21-4278035339-1315755430-380327878-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4278035339-1315755430-380327878-1001\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxps://www.google.com/
HKU\S-1-5-21-4278035339-1315755430-380327878-1001\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxps://www.google.com/
HKU\S-1-5-21-4278035339-1315755430-380327878-1001\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxps://www.google.com/
SearchScopes: HKLM -> {4620560F-DFD0-430C-8768-1EB20173E1A8} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-4278035339-1315755430-380327878-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-23] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-23] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19] (Hewlett-Packard Company)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2014-10-08] (Unity Technologies ApS)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll [2011-09-28] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll [2011-09-28] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-09] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2014-12-03] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems)
FF Plugin HKU\S-1-5-21-4278035339-1315755430-380327878-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Johnathan Johnson\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-01-22] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [VIP5X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client => not found
 
Chrome: 
=======
CHR Profile: C:\Users\Johnathan Johnson\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Johnathan Johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-05]
CHR Extension: (Dropbox for Gmail) - C:\Users\Johnathan Johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2015-12-04]
CHR Extension: (Torrent Turbo Search App) - C:\Users\Johnathan Johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\eegbffmjdkflkcfncpfjjbggbdlnbdif [2015-06-17]
CHR Extension: (Google Docs Offline) - C:\Users\Johnathan Johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-06]
CHR Extension: (AdBlock) - C:\Users\Johnathan Johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-16]
CHR Extension: (Avast Online Security) - C:\Users\Johnathan Johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Johnathan Johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-12-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Johnathan Johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-23]
CHR HKU\S-1-5-21-4278035339-1315755430-380327878-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-23] (Autodesk Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241776 2013-01-28] (CyberLink)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-28] (Futuremark)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2015-01-11] (WildTangent)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [517464 2015-01-28] (Garmin Ltd or its subsidiaries)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 mi-raysat_3dsmax2014_64; C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [86016 2011-09-14] () [File not signed]
S3 mi-raysat_3dsmax2016_64; C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe [86016 2011-09-14] () [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-12] (PDF Complete Inc)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5856256 2011-11-24] (Broadcom Corporation) [File not signed]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2011-10-19] (Broadcom Corporation.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ffusb2audio; C:\Windows\System32\DRIVERS\ffusb2audio.sys [127280 2013-09-25] (Focusrite Audio Engineering Limited.)
R3 iLokDrvr; C:\Windows\System32\DRIVERS\iLokDrvr.sys [25808 2013-04-11] ()
S3 mm2avs; C:\Windows\System32\Drivers\mm2avs.sys [358520 2012-06-06] (Native Instruments GmbH)
S3 mm2usb_svc; C:\Windows\System32\Drivers\mm2usb.sys [45688 2012-06-06] (Native Instruments GmbH)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2012-03-23] ()
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-02-20] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-03 11:59 - 2016-03-03 11:59 - 00028643 _____ C:\Users\Johnathan Johnson\Desktop\FRST.txt
2016-03-03 11:57 - 2016-03-03 11:57 - 02371584 _____ (Farbar) C:\Users\Johnathan Johnson\Desktop\FRST64.exe
2016-03-03 09:23 - 2016-03-03 09:41 - 00075032 _____ C:\Users\Johnathan Johnson\Desktop\SystemLook.txt
2016-03-03 09:15 - 2016-03-03 09:15 - 00008255 _____ C:\Users\Johnathan Johnson\Desktop\JRT.txt
2016-03-03 08:59 - 2016-03-03 09:42 - 00056364 _____ C:\Users\Johnathan Johnson\Desktop\Scan Results.txt
2016-03-03 08:58 - 2016-03-03 08:58 - 00165376 _____ C:\Users\Johnathan Johnson\Desktop\SystemLook_x64.exe
2016-03-03 08:58 - 2016-03-03 08:58 - 00000000 _____ C:\Users\Johnathan Johnson\Desktop\New Text Document.txt
2016-03-03 08:56 - 2016-03-03 08:56 - 01609216 _____ (Malwarebytes) C:\Users\Johnathan Johnson\Desktop\JRT.exe
2016-03-03 01:36 - 2016-03-03 01:36 - 00891392 _____ (Farbar) C:\Users\Johnathan Johnson\Desktop\MiniToolBox.exe
2016-03-03 01:02 - 2016-03-03 01:02 - 01518592 _____ C:\Users\Johnathan Johnson\Desktop\AdwCleaner.exe
2016-03-03 00:57 - 2016-03-03 08:16 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-03 00:57 - 2016-03-03 00:57 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-03 00:56 - 2016-03-03 09:05 - 00000000 ____D C:\Users\Johnathan Johnson\Desktop\mbar
2016-03-03 00:56 - 2016-03-03 08:14 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-03 00:43 - 2016-03-03 00:44 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Johnathan Johnson\Desktop\mbar-1.09.3.1001.exe
2016-03-03 00:26 - 2016-03-03 00:27 - 00852798 _____ C:\Users\Johnathan Johnson\Desktop\SecurityCheck.exe
2016-03-02 23:33 - 2016-03-03 08:56 - 00000000 ____D C:\Users\Johnathan Johnson\Desktop\March 2016
2016-03-02 22:25 - 2016-03-03 06:35 - 00000380 _____ C:\Windows\Tasks\HPCeeScheduleForJohnathan Johnson.job
2016-03-02 22:25 - 2016-03-02 22:25 - 00003258 _____ C:\Windows\System32\Tasks\HPCeeScheduleForJohnathan Johnson
2016-02-28 20:40 - 2016-02-28 20:40 - 71190775 _____ C:\Users\Johnathan Johnson\Desktop\Environments.zip
2016-02-25 21:27 - 2016-02-25 21:27 - 579303315 _____ C:\Users\Johnathan Johnson\Desktop\Perjurer & Parody.zip
2016-02-23 13:16 - 2016-02-23 13:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belkin USB Wireless Adapter Utility
2016-02-23 13:14 - 2016-02-23 13:14 - 00000000 ____D C:\Program Files (x86)\Belkin
2016-02-23 13:14 - 2011-08-11 00:46 - 00694376 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\RTL8192su.sys
2016-02-22 11:35 - 2016-03-02 10:33 - 00000000 ____D C:\==Virus Scanners==
2016-02-22 10:47 - 2016-02-20 01:56 - 00000027 _____ C:\Windows\system32\Drivers\etc\hosts.20160222-104723.backup
2016-02-20 06:28 - 2016-02-20 06:28 - 00049147 _____ C:\ComboFix.txt
2016-02-20 06:09 - 2016-02-20 06:11 - 00234094 _____ C:\TDSSKiller.3.1.0.9_20.02.2016_06.09.22_log.txt
2016-02-20 02:34 - 2016-02-20 05:57 - 00024688 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-02-20 02:34 - 2016-02-20 03:46 - 00000000 ____D C:\ProgramData\RogueKiller
2016-02-20 02:20 - 2016-02-20 02:23 - 00454430 _____ C:\TDSSKiller.3.1.0.9_20.02.2016_02.20.41_log.txt
2016-02-20 02:16 - 2016-02-20 02:16 - 00000366 _____ C:\TDSSKiller.3.0.0.19_20.02.2016_02.16.55_log.txt
2016-02-19 22:04 - 2016-03-03 11:59 - 00000000 ____D C:\FRST
2016-02-18 10:11 - 2016-02-18 10:11 - 00000000 ____D C:\Users\Johnathan Johnson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-09 16:50 - 2016-02-06 05:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-09 16:50 - 2016-02-06 05:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-09 16:50 - 2016-02-06 05:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-09 16:50 - 2016-02-06 05:11 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-09 16:50 - 2016-02-06 05:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-09 16:50 - 2016-02-06 05:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-09 16:50 - 2016-02-06 04:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-02-09 16:50 - 2016-02-06 04:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-09 16:50 - 2016-02-06 04:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-02-09 16:50 - 2016-02-06 04:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-02-09 16:50 - 2016-02-06 04:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-09 16:50 - 2016-02-06 04:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-09 16:50 - 2016-02-06 04:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-09 16:50 - 2016-02-06 03:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-09 16:50 - 2016-01-16 14:06 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-09 16:50 - 2016-01-16 13:54 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-09 16:50 - 2016-01-11 09:08 - 01362944 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-09 16:50 - 2016-01-11 09:08 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-09 16:50 - 2016-01-11 09:08 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-09 16:50 - 2016-01-11 09:08 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-09 16:50 - 2016-01-11 09:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-09 16:50 - 2016-01-06 14:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-09 16:50 - 2016-01-06 14:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-09 16:50 - 2016-01-06 13:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-02-09 16:49 - 2016-01-22 15:31 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-09 16:49 - 2016-01-22 15:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-09 16:49 - 2016-01-22 01:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-09 16:49 - 2016-01-22 01:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-09 16:49 - 2016-01-22 01:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-09 16:49 - 2016-01-22 01:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-09 16:49 - 2016-01-22 01:40 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-09 16:49 - 2016-01-22 01:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-09 16:49 - 2016-01-22 01:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-09 16:49 - 2016-01-22 01:32 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-09 16:49 - 2016-01-22 01:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-09 16:49 - 2016-01-22 01:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-09 16:49 - 2016-01-22 01:27 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-09 16:49 - 2016-01-22 01:27 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-09 16:49 - 2016-01-22 01:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-09 16:49 - 2016-01-22 01:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-09 16:49 - 2016-01-22 01:09 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-09 16:49 - 2016-01-22 01:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-09 16:49 - 2016-01-22 01:05 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-09 16:49 - 2016-01-22 01:04 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-09 16:49 - 2016-01-22 01:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-09 16:49 - 2016-01-22 01:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-09 16:49 - 2016-01-22 01:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-02-09 16:49 - 2016-01-22 01:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-02-09 16:49 - 2016-01-22 01:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-02-09 16:49 - 2016-01-22 01:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-09 16:49 - 2016-01-22 01:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-02-09 16:49 - 2016-01-22 00:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-02-09 16:49 - 2016-01-22 00:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-02-09 16:49 - 2016-01-22 00:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-09 16:49 - 2016-01-22 00:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-02-09 16:49 - 2016-01-22 00:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-09 16:49 - 2016-01-22 00:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-09 16:49 - 2016-01-22 00:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-09 16:49 - 2016-01-22 00:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-09 16:49 - 2016-01-22 00:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-09 16:49 - 2016-01-22 00:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-02-09 16:49 - 2016-01-22 00:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-09 16:49 - 2016-01-22 00:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-02-09 16:49 - 2016-01-22 00:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-02-09 16:49 - 2016-01-22 00:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-09 16:49 - 2016-01-22 00:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-02-09 16:49 - 2016-01-22 00:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-02-09 16:49 - 2016-01-22 00:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-02-09 16:49 - 2016-01-22 00:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-09 16:49 - 2016-01-22 00:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-09 16:49 - 2016-01-22 00:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-09 16:49 - 2016-01-22 00:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-09 16:49 - 2016-01-22 00:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-02-09 16:49 - 2016-01-22 00:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-09 16:49 - 2016-01-22 00:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-09 16:49 - 2016-01-22 00:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-09 16:47 - 2016-01-07 12:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-09 16:46 - 2016-01-11 14:05 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-09 16:46 - 2016-01-11 14:05 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-09 16:46 - 2016-01-11 14:05 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-09 16:46 - 2016-01-11 13:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-09 16:46 - 2016-01-11 13:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-02-09 16:46 - 2016-01-11 13:26 - 02610176 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-09 16:46 - 2016-01-11 13:24 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-09 16:46 - 2016-01-11 13:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-09 16:46 - 2016-01-11 13:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-09 16:46 - 2016-01-11 13:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-09 16:46 - 2016-01-11 13:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-09 16:46 - 2016-01-11 13:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-02-09 16:46 - 2016-01-11 13:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-09 16:46 - 2016-01-11 13:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-02-09 16:46 - 2016-01-11 13:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-02-09 16:46 - 2016-01-11 13:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-02-09 16:46 - 2016-01-07 12:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-09 16:44 - 2016-01-22 01:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-09 16:44 - 2016-01-22 01:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-09 16:44 - 2016-01-22 01:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-09 16:44 - 2016-01-22 01:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-09 16:44 - 2016-01-22 01:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-09 16:44 - 2016-01-22 01:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-02-09 16:44 - 2016-01-22 01:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-02-09 16:44 - 2016-01-22 01:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-09 16:44 - 2016-01-22 01:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-09 16:44 - 2016-01-22 01:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-09 16:44 - 2016-01-22 01:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-09 16:44 - 2016-01-22 01:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-09 16:44 - 2016-01-22 01:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-09 16:44 - 2016-01-22 01:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-02-09 16:44 - 2016-01-22 01:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-09 16:44 - 2016-01-22 01:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-09 16:44 - 2016-01-22 01:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-09 16:44 - 2016-01-22 01:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-09 16:44 - 2016-01-22 01:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-09 16:44 - 2016-01-22 01:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-02-09 16:44 - 2016-01-22 01:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-09 16:44 - 2016-01-22 01:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-09 16:44 - 2016-01-22 01:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-09 16:44 - 2016-01-22 01:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-09 16:44 - 2016-01-22 01:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-09 16:44 - 2016-01-22 01:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-09 16:44 - 2016-01-22 01:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-09 16:44 - 2016-01-22 01:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-09 16:44 - 2016-01-22 01:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-09 16:44 - 2016-01-22 01:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-02-09 16:44 - 2016-01-22 01:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-02-09 16:44 - 2016-01-22 01:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-09 16:44 - 2016-01-22 01:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-09 16:44 - 2016-01-22 01:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 01:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-09 16:44 - 2016-01-22 01:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-02-09 16:44 - 2016-01-22 01:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-02-09 16:44 - 2016-01-22 01:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-09 16:44 - 2016-01-22 01:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-02-09 16:44 - 2016-01-22 01:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-02-09 16:44 - 2016-01-22 01:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-02-09 16:44 - 2016-01-22 01:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-02-09 16:44 - 2016-01-22 01:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-02-09 16:44 - 2016-01-22 01:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-02-09 16:44 - 2016-01-22 01:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-02-09 16:44 - 2016-01-22 01:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-09 16:44 - 2016-01-22 01:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-09 16:44 - 2016-01-22 01:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-09 16:44 - 2016-01-22 01:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-09 16:44 - 2016-01-22 01:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-02-09 16:44 - 2016-01-22 01:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-09 16:44 - 2016-01-22 01:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-02-09 16:44 - 2016-01-22 01:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-09 16:44 - 2016-01-22 01:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-09 16:44 - 2016-01-22 00:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-09 16:44 - 2016-01-22 00:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-09 16:44 - 2016-01-22 00:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-02-09 16:44 - 2016-01-22 00:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-09 16:44 - 2016-01-21 23:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-09 16:44 - 2016-01-21 23:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-09 16:44 - 2016-01-21 23:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-09 16:44 - 2016-01-21 23:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-09 16:44 - 2016-01-21 23:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-09 16:44 - 2016-01-21 23:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-02-09 16:44 - 2016-01-21 23:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-02-09 16:44 - 2016-01-21 23:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-02-09 16:44 - 2016-01-21 23:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-02-09 16:44 - 2016-01-21 23:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-02-09 16:44 - 2016-01-21 23:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-09 16:44 - 2016-01-21 23:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-09 16:44 - 2016-01-21 23:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-09 16:44 - 2016-01-21 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-09 16:44 - 2016-01-16 14:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-09 16:44 - 2016-01-16 13:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-02-09 16:43 - 2016-01-22 01:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-09 16:43 - 2016-01-22 01:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-09 16:43 - 2016-01-22 01:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-09 16:43 - 2016-01-22 01:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-09 16:43 - 2016-01-22 01:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-02-09 16:43 - 2016-01-22 00:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-09 16:43 - 2016-01-22 00:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-09 16:43 - 2016-01-22 00:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-02-07 04:17 - 2016-02-07 04:17 - 00000000 ____D C:\ProgramData\Audio Damage
2016-02-07 03:22 - 2016-02-07 03:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tone2 Firebird
2016-02-03 18:51 - 2016-03-03 11:56 - 00000000 ____D C:\Users\Johnathan Johnson\AppData\Roaming\Skype
2016-02-03 02:58 - 2016-02-24 03:01 - 00001945 _____ C:\Windows\epplauncher.mif
2016-02-03 02:38 - 2016-02-24 03:01 - 00002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-02-03 02:38 - 2016-02-24 03:01 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-02-03 02:38 - 2016-02-24 03:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-03 11:55 - 2015-06-16 23:44 - 00000966 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4278035339-1315755430-380327878-1001UA.job
2016-03-03 11:51 - 2014-01-14 04:48 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-03 11:34 - 2015-04-24 20:41 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-03 10:35 - 2014-01-14 04:07 - 00000000 ___RD C:\Users\Johnathan Johnson\Dropbox
2016-03-03 10:32 - 2014-01-14 05:23 - 00000000 ____D C:\ProgramData\East West
2016-03-03 09:30 - 2014-01-14 03:35 - 00000000 ____D C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox
2016-03-03 09:14 - 2009-07-13 23:45 - 00027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-03 09:14 - 2009-07-13 23:45 - 00027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-03 09:12 - 2009-07-14 00:13 - 00786622 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-03 09:12 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2016-03-03 09:08 - 2015-12-21 09:04 - 00000000 ___RD C:\Users\Johnathan Johnson\Google Drive
2016-03-03 09:06 - 2015-04-24 20:41 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-03 09:06 - 2012-03-23 13:29 - 00000000 ____D C:\ProgramData\PDFC
2016-03-03 09:06 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-03 09:05 - 2015-04-25 04:32 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-03-03 09:04 - 2014-01-14 04:23 - 00000000 ____D C:\AdwCleaner
2016-03-03 06:51 - 2014-01-14 21:22 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-03 05:08 - 2014-09-13 09:33 - 00000000 ____D C:\Users\Johnathan Johnson\Desktop\Final Reality
2016-03-03 02:00 - 2014-08-28 09:28 - 00000000 ____D C:\Users\Johnathan Johnson\AppData\Local\Adobe
2016-03-02 23:55 - 2015-06-16 23:44 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4278035339-1315755430-380327878-1001Core.job
2016-03-02 23:33 - 2016-02-01 23:47 - 00000000 ____D C:\Users\Johnathan Johnson\Desktop\Everything 2016
2016-03-02 14:46 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2016-03-02 14:42 - 2014-01-14 03:10 - 00003998 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{61A10A1A-F551-4E86-824E-B73A3E1CB334}
2016-03-02 12:36 - 2015-05-10 02:35 - 00000000 ____D C:\Users\Johnathan Johnson\Desktop\Rite of Passing Soundtrack
2016-03-02 12:07 - 2014-01-16 13:06 - 00000000 ____D C:\Users\Johnathan Johnson\Documents\Movie Studio Platinum 13.0 Projects
2016-03-02 11:09 - 2014-01-17 11:54 - 00000000 ____D C:\Users\Johnathan Johnson\AppData\Local\ElevatedDiagnostics
2016-03-01 09:26 - 2014-07-04 05:31 - 00000000 ____D C:\Windows\pss
2016-02-29 02:50 - 2014-01-23 12:28 - 00000000 ____D C:\Users\Johnathan Johnson\AppData\Local\CrashDumps
2016-02-28 12:30 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-02-28 00:44 - 2014-07-14 07:24 - 00000000 ____D C:\Users\Johnathan Johnson\AppData\Local\B515B45A-2115-47EE-AB79-3D121289AF23.aplzod
2016-02-25 01:55 - 2015-04-05 05:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-02-25 01:55 - 2015-04-05 05:00 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-24 04:19 - 2014-04-06 17:22 - 00000000 ____D C:\Users\Johnathan Johnson\Desktop\The Perjurer ~ Liar's Game Official Content
2016-02-24 00:02 - 2014-01-14 03:53 - 00000000 ____D C:\Users\Johnathan Johnson\Desktop\Potential References
2016-02-23 13:14 - 2012-03-23 13:14 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2016-02-22 11:52 - 2015-11-19 13:44 - 00000000 ____D C:\Users\Johnathan Johnson\Desktop\3D Mesto Accelerando
2016-02-22 11:43 - 2014-02-25 01:54 - 00000000 ____D C:\Users\Johnathan Johnson\Desktop\3D Parody of Affairs
2016-02-22 02:13 - 2014-01-20 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2016-02-22 02:13 - 2014-01-20 11:00 - 00000000 ____D C:\ProgramData\Freemake
2016-02-20 19:01 - 2014-01-14 04:01 - 00003230 _____ C:\Windows\System32\Tasks\HPCeeScheduleForPROJECTTRINITY$
2016-02-20 19:01 - 2014-01-14 04:01 - 00000354 _____ C:\Windows\Tasks\HPCeeScheduleForPROJECTTRINITY$.job
2016-02-20 06:28 - 2015-03-02 09:25 - 00000000 ____D C:\Qoobox
2016-02-20 06:26 - 2009-07-13 21:34 - 00000215 _____ C:\Windows\system.ini
2016-02-20 01:54 - 2009-07-13 21:34 - 44302336 _____ C:\Windows\system32\config\components.bak
2016-02-20 01:54 - 2009-07-13 21:34 - 19660800 _____ C:\Windows\system32\config\SYSTEM.bak
2016-02-20 01:54 - 2009-07-13 21:34 - 145752064 _____ C:\Windows\system32\config\SOFTWARE.bak
2016-02-20 01:54 - 2009-07-13 21:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2016-02-20 01:54 - 2009-07-13 21:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2016-02-20 01:54 - 2009-07-13 21:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2016-02-20 01:53 - 2015-03-02 09:24 - 00000000 ____D C:\Windows\erdnt
2016-02-20 01:40 - 2015-11-19 15:50 - 00000000 ____D C:\Users\Johnathan Johnson\Desktop\TO DO
2016-02-20 00:28 - 2015-09-23 14:21 - 00000000 ____D C:\==Reaction Memes==
2016-02-19 16:41 - 2015-04-24 20:42 - 00002214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-19 08:04 - 2014-01-14 04:47 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-02-18 08:24 - 2015-04-26 16:11 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-18 03:06 - 2016-01-21 02:57 - 02376652 _____ C:\Users\Johnathan Johnson\AppData\Local\IconCache.db.backup
2016-02-16 01:34 - 2016-01-24 13:14 - 00000000 ____D C:\Users\Johnathan Johnson\Desktop\Sans Battle Montage
2016-02-14 16:02 - 2009-07-13 23:45 - 05064008 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-14 01:48 - 2014-01-14 03:12 - 00124936 _____ C:\Users\Johnathan Johnson\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-11 21:18 - 2016-01-19 16:03 - 00000000 ____D C:\Program Files (x86)\BDOCharacterCreator
2016-02-10 10:51 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2016-02-10 08:38 - 2014-01-14 04:09 - 00000000 ___RD C:\Users\Johnathan Johnson\Podcasts
2016-02-10 08:32 - 2014-12-10 06:31 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-10 08:32 - 2014-04-30 05:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-10 08:32 - 2010-11-21 02:17 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 02:27 - 2016-01-20 18:26 - 00000000 ____D C:\Windows\system32\MRT
2016-02-10 02:21 - 2016-01-21 02:58 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-10 02:21 - 2009-07-13 21:34 - 00000478 _____ C:\Windows\win.ini
2016-02-10 02:16 - 2011-02-11 15:29 - 00778744 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-02-09 23:51 - 2014-01-14 04:48 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-09 23:51 - 2014-01-14 04:48 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-09 23:51 - 2012-03-23 13:26 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-09 22:29 - 2015-04-24 20:41 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-09 22:29 - 2015-04-24 20:41 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-08 14:23 - 2015-12-07 06:45 - 00000000 ____D C:\Users\Johnathan Johnson\Desktop\Living Playground - Witch's Puppet
2016-02-08 02:16 - 2014-07-14 07:24 - 00000000 ____D C:\Users\Johnathan Johnson\Documents\Outlook Files
2016-02-06 02:01 - 2014-01-21 21:35 - 00000000 ____D C:\==Kontakt Instruments==
2016-02-04 13:20 - 2012-03-23 13:21 - 00000000 ____D C:\ProgramData\Skype
2016-02-03 21:44 - 2014-01-14 05:24 - 00000000 ____D C:\ProgramData\PACE
2016-02-03 21:18 - 2015-11-19 15:12 - 00000000 ____D C:\Users\Johnathan Johnson\Desktop\3D This Crazy World
2016-02-03 14:04 - 2014-01-14 03:13 - 00000000 ____D C:\Users\Johnathan Johnson\AppData\Roaming\Skype_old
2016-02-03 13:17 - 2015-04-25 04:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2016-02-03 12:27 - 2015-04-25 04:30 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-02-03 09:26 - 2014-01-14 04:26 - 00000000 ____D C:\ProgramData\AVAST Software
 
==================== Files in the root of some directories =======
 
2014-02-01 00:19 - 2011-11-26 18:28 - 0044558 _____ () C:\Program Files\cyggcc_s-1.dll
2014-02-01 00:19 - 2010-08-31 14:00 - 2648181 _____ (Red Hat) C:\Program Files\cygwin1.dll
2014-02-01 00:19 - 2013-09-11 22:37 - 0065536 _____ () C:\Program Files\ps3.exe
2014-09-30 11:58 - 2014-10-30 17:26 - 0001456 _____ () C:\Users\Johnathan Johnson\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-01-14 23:57 - 2016-01-14 23:57 - 0007599 _____ () C:\Users\Johnathan Johnson\AppData\Local\Resmon.ResmonCfg
 
Some files in TEMP:
====================
C:\Users\Johnathan Johnson\AppData\Local\Temp\FreemakeVideoConverterFull.exe
C:\Users\Johnathan Johnson\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-02-28 18:11
 
==================== End of FRST.txt ============================
 
"Additional Log"
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:02-03-2016
Ran by Johnathan Johnson (2016-03-03 12:00:10)
Running from C:\Users\Johnathan Johnson\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-01-14 08:06:38)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4278035339-1315755430-380327878-500 - Administrator - Disabled)
Guest (S-1-5-21-4278035339-1315755430-380327878-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4278035339-1315755430-380327878-1004 - Limited - Enabled)
Johnathan Johnson (S-1-5-21-4278035339-1315755430-380327878-1001 - Administrator - Enabled) => C:\Users\Johnathan Johnson
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
[PS3] Save Resigner (HKLM-x32\...\[PS3] Save Resigner 2.0.2) (Version: 2.0.2 - The Prince of Codes)
[PS3] Save Resigner (x32 Version: 2.0.2 - The Prince of Codes) Hidden
3DMark Vantage (HKLM-x32\...\{C40C3C3D-97CF-44B5-836C-766E374464B3}) (Version: 1.1.3 - Futuremark)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0.3.0 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amazon Music (HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\Amazon Amazon Music) (Version: 3.9.5.820 - Amazon Services LLC)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - Dylan Fitterer)
Autodesk 3ds Max 2014 (HKLM\...\Autodesk 3ds Max 2014) (Version: 16.5.277.0 - Autodesk)
Autodesk 3ds Max 2014 (Version: 16.5.277.0 - Autodesk) Hidden
Autodesk 3ds Max 2014 64-bit Populate Data (HKLM\...\{7491836B-659E-47DD-ABBF-F875AD48FD10}) (Version: 1.0.0.1 - Autodesk)
Autodesk 3ds Max 2014 SP2 (Version: 16.2.475.0 - Autodesk) Hidden
Autodesk 3ds Max 2014 SP5 (HKLM\...\Autodesk 3ds Max 2014 SP4) (Version: 16.5.277.0 - Autodesk)
Autodesk 3ds Max 2016 (HKLM\...\Autodesk 3ds Max 2016) (Version: 18.0.873.0 - Autodesk)
Autodesk 3ds Max 2016 (Version: 18.0.873.0 - Autodesk) Hidden
Autodesk 3ds Max 2016 Evolver High Res (HKLM\...\{3D13E65E-256C-4042-89C4-BAE71F06A16D}) (Version: 18.0.0.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.19 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk)
Autodesk Backburner 2016 (HKLM-x32\...\{8C5F38D2-9EFE-49A4-B3F5-BF3210FED168}) (Version: 16.0.0.0 - Autodesk)
Autodesk Civil View for 3ds Max 2016 64-bit (HKLM\...\{1C4FFAF0-6DBB-4F7A-A386-46747D060826}) (Version: 18.0.0.0 - Autodesk)
Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)
Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) Hidden
Autodesk DirectConnect 2014 64-bit (HKLM\...\Autodesk DirectConnect 2014 64-bit) (Version: 8.0.56.1 - Autodesk)
Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1 - Autodesk) Hidden
Autodesk Essential Skills Movies for 3ds Max 2014 64-bit (HKLM\...\{E8814D63-BB76-4C89-A25E-264ECF11D00D}) (Version: 1.2.0.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2014 64-bit (HKLM\...\{009751C6-22D7-4548-A313-AD48FA57076F}) (Version: 16.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2016 (HKLM\...\{9167CA34-4E58-49E3-8892-3C439739D2D3}) (Version: 18.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2014 (HKLM-x32\...\{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2016 (HKLM-x32\...\{415A5A54-325E-4815-9940-62A889CA3877}) (Version: 6.3.0.19 - Autodesk)
Autodesk Revit Interoperability for 3ds Max  (HKLM\...\Autodesk Revit Interoperability for 3ds Max ) (Version: 16.0.394.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max  (Version: 16.0.394.0 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max 2014 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2014) (Version: 13.02.15161 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2014 (Version: 13.02.15161 - Autodesk) Hidden
Bastion (HKLM-x32\...\Steam App 107100) (Version:  - Supergiant Games)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Belkin USB Wireless Adapter (HKLM-x32\...\InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.13 - Belkin)
Belkin USB Wireless Adapter (x32 Version: 1.0.0.13 - Belkin) Hidden
Black Desert Character Creator (HKLM-x32\...\{83AC6E37-6497-4A01-BB5D-AA845BA08832}) (Version: 1.0.0.2 - Daum Games EU)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth by hp (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.1200 - Broadcom Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brilliant Shadows - Part One of the Book of Gray Magic (HKLM-x32\...\Steam App 409920) (Version:  - Ithaqua Labs)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version:  - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version:  - Broadcom Corporation)
Brothers - A Tale of Two Sons (HKLM-x32\...\Steam App 225080) (Version:  - Starbreeze Studios AB)
Bubble Wrap (HKLM-x32\...\{5BFFDDEB-AFD7-499F-BB13-7A6EAD927CDA}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
ComiPo! Trial Edition (English Version) (HKLM-x32\...\ComiPoEngTrial) (Version: 1.00 - Web Technology Corp.)
Connect (HKLM-x32\...\Connect 2.2.2) (Version: 2.2.2 - Continuata)
Construct 2 r184 (HKLM\...\Construct 2_is1) (Version: 1.0.184.0 - Scirra)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink Media Suite Premium (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.4505 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5511 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DebugMode PluginPac (remove only) (HKLM-x32\...\PluginPac) (Version:  - )
DebugMode Wax 2.0 (HKLM-x32\...\DebugMode Wax 2.0) (Version:  - )
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Elevated Installer (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
E-License Manager (HKLM-x32\...\E-License Manager) (Version: 1.3.0.0 - Best Service)
Engine 2 (HKLM-x32\...\Engine 2) (Version: 2.3.0.25 - Best Service)
Epic Games Launcher (HKLM\...\{8727C279-A122-40B8-8ACA-271E1809DAA5}) (Version: 1.1.23.0 - Epic Games, Inc.)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
EW Installation Center (HKLM-x32\...\{EW Installation Center}}_is1) (Version: 1.1.5 - EastWest Sounds, Inc.)
EWQL Hollywood Strings Gold (HKLM\...\{51E88FBA-188D-402A-AC9E-4B36AEE2573C}) (Version: 2.1.2 - EastWest Sounds, Inc.)
f.lux (HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\Flux) (Version:  - )
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Firebird v2.1 (HKLM-x32\...\Tone2 Firebird_is1) (Version:  - Tone2)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Focusrite USB 2.0 Audio Driver 2.5.1 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.5.1 - Focusrite Audio Engineering Limited.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Freemake Video Converter version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Futuremark SystemInfo (HKLM-x32\...\{032DC00A-51D1-4D28-BFB7-1D0E85291E11}) (Version: 4.25.366 - Futuremark)
GameSalad Creator (HKLM-x32\...\{42C1A82C-0F7D-4B3E-AEA5-2BD75A5DF390}) (Version: 0.10.4.1 - GameSalad)
Garmin Express (HKLM-x32\...\{714dc1e5-69a4-4ecd-9552-93397e084298}) (Version: 3.2.29.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Drive (HKLM-x32\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.21.165 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Application Assistant (HKLM\...\{B34A07DD-C6F7-414A-AE63-01019482EAF0}) (Version: 1.0.393.3870 - Hewlett-Packard)
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Clock (HKLM-x32\...\{0EEC4E49-D4C2-4E23-87F2-B5641F1A09E4}) (Version: 5.1.4244.16367 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP LinkUp (HKLM-x32\...\{7E750542-55BC-4300-8B7B-AC2A762FB435}) (Version: 2.01.029 - Hewlett-Packard)
HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard)
HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 5.0.0.3 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP RSS (HKLM-x32\...\{A35E58D6-2A0F-4051-983B-79342081338E}) (Version: 5.1.4301.21494 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15130.3904 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.15145.3905 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP TouchSmart Background - Beats (HKLM-x32\...\{6A6F8D36-04BA-41E9-9004-1789BD545874}) (Version: 1.0.1.0 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.1.0 - Hewlett-Packard)
HP Weather (HKLM-x32\...\{8364E531-493B-4B05-8041-09D5CE38B975}) (Version: 5.1.4295.16450 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.220.0 - Advanced Micro Devices, Inc.) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6349.0 - IDT)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Intel® Identity Protection Technology 1.2.22.0 (HKLM-x32\...\{387B63A5-5016-1015-B06B-A9A1030E3125}) (Version: 1.2.22.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.)
iZotope Vinyl (HKLM-x32\...\iZotope Vinyl_is1) (Version: 1.61 - iZotope, Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kentucky Route Zero (HKLM-x32\...\Steam App 231200) (Version:  - Cardboard Computer)
Kobo (HKLM-x32\...\Kobo) (Version: 2.0.3 - Kobo Inc.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.4507 - CyberLink Corp.) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
LilyPond (HKLM-x32\...\LilyPond) (Version:  - )
Live2D Cubism 2.0.01 (HKLM-x32\...\Live2D Cubism) (Version: 2.0.01 - Live2D Inc.)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
MAGIX Independence Libraries Common Files (HKLM\...\MX.{34563DEE-79CD-4E2B-B41B-41A81B8188F0}) (Version: 3.2.0.0 - MAGIX AG)
MAGIX Independence Libraries Common Files (Version: 3.2.0.0 - MAGIX AG) Hidden
MAGIX Independence Pro 3.2 VST-Plugins (HKLM\...\MX.{CE4E2B9B-9D8C-4857-8BD5-230CE6E24A3B}) (Version: 3.2.0.0 - MAGIX AG)
MAGIX Independence Pro 3.2 VST-Plugins (Version: 3.2.0.0 - MAGIX AG) Hidden
MAGIX Independence Pro Software Suite 3.2 (HKLM-x32\...\MX.{12FBE83D-482B-4D82-BAC7-665B7DD79DB2}) (Version: 3.2.0.91 - MAGIX AG)
MAGIX Independence Pro Software Suite 3.2 (Version: 3.2.0.91 - MAGIX AG) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Converter (HKLM-x32\...\{D0661463-50F7-4A1E-83CB-37CC590589AE}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Movie Studio Platinum 13.0 (64-bit) (HKLM\...\{2A6118E1-2BF0-11E5-8A11-F04DA23A5C58}) (Version: 13.0.955 - Sony)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mumble 1.2.10 (HKLM-x32\...\{63243F5C-E941-4461-A4B0-2689A9A3BF13}) (Version: 1.2.10 - Thorvald Natvig)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.7.4.199 - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.0.2770 - Native Instruments)
Native Instruments Guitar Rig Mobile IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Mobile IO Driver) (Version:  - Native Instruments)
Native Instruments Guitar Rig Session IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Session IO Driver) (Version:  - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.4.2.245 - Native Instruments)
Native Instruments Kontakt Factory Library (HKLM-x32\...\Native Instruments Kontakt Factory Library) (Version: 1.1.0.6 - Native Instruments)
Native Instruments Maschine Mikro MK2 Driver (HKLM-x32\...\Native Instruments Maschine Mikro MK2 Driver) (Version:  - Native Instruments)
Native Instruments Replika (HKLM-x32\...\Native Instruments Replika) (Version: 1.2.0.699 - Native Instruments)
Native Instruments Rig Kontrol 3 Driver (HKLM-x32\...\Native Instruments Rig Kontrol 3 Driver) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Neat Image v7.6.0 Demo Standalone (HKLM\...\Neat Image Standalone_is1) (Version:  - Neat Image team, ABSoft)
Neat Video v3.6.0 Demo plug-in for Sony Vegas (64-bit) (HKLM\...\Neat Video for Sony Vegas_is1) (Version:  - Neat Video team, ABSoft)
Nidhogg (HKLM-x32\...\Steam App 94400) (Version:  - Messhof)
null (HKLM-x32\...\MonsterMaker) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.7.0852 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (Version: 2.4.7.0852 - PACE Anti-Piracy, Inc.) Hidden
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.65 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
Pivot Animator version 4.1.10 (HKLM-x32\...\Pivot Animator_is1) (Version: 4.1.10 - Motus Software Ltd)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PLAY 4.3.2 (HKLM-x32\...\EW PLAY_is1) (Version: 4.3.2 - EastWest Sounds, Inc.)
Play Update 4.1.5 (HKLM\...\{7800ACD2-1553-4B06-81EA-4E3437D839AB}) (Version: 4.1.5 - EastWest Sounds, Inc)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poetic Guitar II (HKLM-x32\...\Poetic Guitar II) (Version: 1.0 - Times Concept)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5706 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.5706 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4730 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.4730 - CyberLink Corp.) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.11.0721.0 -  NewspaperDirect Inc.)
QL Ministry of Rock 2 (HKLM\...\{65FCFCEB-A7D1-4ECF-9831-2FA531F10E26}) (Version: 2.1.1 - EastWest Sounds, Inc.)
QL Spaces 1.1.24 (HKLM-x32\...\EW Spaces_is1) (Version: 1.1.24 - EastWest Sounds, Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Recovery Manager (x32 Version: 5.5.0.4424 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain)
RGSS-RTP Standard (HKLM-x32\...\RGSS-RTP Standard_is1) (Version: 1.04 - Enterbrain)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
RPG Maker 2003 (HKLM-x32\...\Steam App 362870) (Version:  - Enterbrain)
RPG Maker VX (HKLM-x32\...\RPGVX_E_is1) (Version: 1.03 - Enterbrain)
RPG Maker VX Ace (HKLM-x32\...\RPGVXAce_E_is1) (Version: 1.02 - Enterbrain)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
RPG Maker VX RTP (HKLM-x32\...\RPG Maker VX RTP_is1) (Version: 1.02 - Enterbrain)
RPGXP (HKLM-x32\...\{9B34CAC6-738F-4A20-B428-A115C3E3474C}) (Version: 1.0.0 - Enterbrain)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shairport4w (HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\Shairport4w) (Version: 1.0.8.6 - Frank Friemel)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.)
Sonic Foundry Preset Manager 1.0 (HKLM-x32\...\{7266C898-F9CB-4122-9452-2AA1DACE245E}) (Version: 1.0.73 - Sonic Foundry)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spot (HKLM-x32\...\{3D171340-B528-42E0-92E4-BDA7AEEF6F32}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
Super Meat Boy Editor (HKLM-x32\...\Steam App 40810) (Version:  - )
Tap Tap Bear (HKLM-x32\...\{A393CDFF-BEB8-48EA-990D-2EB35B311D23}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
The Vanishing of Ethan Carter (HKLM-x32\...\Steam App 258520) (Version:  - The Astronauts)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD Projekt RED)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Transistor (HKLM-x32\...\Steam App 237930) (Version:  - Supergiant Games)
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
Twine 2.0.6 (remove only) (HKLM-x32\...\Twine2) (Version:  - )
TyranoBuilder Visual Novel Studio (HKLM-x32\...\Steam App 345370) (Version:  - STRIKEWORKS)
Unity (HKLM-x32\...\Unity) (Version:  - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VIP Access SDK (1.0.1.4)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.4 - Symantec Inc.)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Vovoid VSXu 0.4.2 (HKLM-x32\...\VSXu 0.4.2) (Version: 0.4.2 - Vovoid Media Technologies AB)
V-Ray for 3dsmax 2016 for x64 (HKLM\...\V-Ray for 3dsmax 2016 for x64) (Version: 3.20.02 - Chaos Software Ltd)
Waves Complete V9r23 (HKLM-x32\...\{93000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.3.23 - Waves)
WildTangent Games App for HP (x32 Version: 4.0.11.13 - WildTangent) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Focusrite USB 2.0 Audio Driver (09/25/2013 2.5.128.1) (HKLM\...\CF1FC201D237269A9CD51A3A6B14ADBF67175C32) (Version: 09/25/2013 2.5.128.1 - Focusrite)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.1.2015.0 - Ruiware)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
YUV Player Deluxe (HKLM-x32\...\YUV Player Deluxe) (Version:  - )
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-4278035339-1315755430-380327878-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278035339-1315755430-380327878-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2016\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-4278035339-1315755430-380327878-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2016\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-4278035339-1315755430-380327878-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2016\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-4278035339-1315755430-380327878-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-4278035339-1315755430-380327878-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278035339-1315755430-380327878-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278035339-1315755430-380327878-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278035339-1315755430-380327878-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278035339-1315755430-380327878-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278035339-1315755430-380327878-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278035339-1315755430-380327878-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278035339-1315755430-380327878-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278035339-1315755430-380327878-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278035339-1315755430-380327878-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1B636FA3-5C09-47D4-9421-5F76236A63F5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-01-20] (Hewlett-Packard)
Task: {1C70055E-78ED-42EB-BAB9-6678E93C1B7D} - System32\Tasks\PC Shutdown => C:\Windows\System32\shutdown.exe [2009-07-13] (Microsoft Corporation)
Task: {1E6206EA-9CE9-4971-884F-4756FDFD1906} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {3142CF18-DE10-4ADC-B21C-B22E9C22C13E} - System32\Tasks\Amazon Music Helper => C:\Users\Johnathan Johnson\AppData\Local\Amazon Music\Amazon Music Helper.exe [2015-05-07] ()
Task: {3B1FE084-0526-458F-8194-FDE78820CD8B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2015-01-28] ()
Task: {3BD11C24-D2ED-4631-B5F0-6B175DC37277} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {4AB236A0-2628-47EA-B60E-894C9007DA6F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {4B8AE7E1-00BE-432A-B513-7A03A8928851} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4278035339-1315755430-380327878-1001Core => C:\Users\Johnathan Johnson\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {63E432CD-4591-48B3-B73A-7A78334BD59B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-01-12] (Hewlett-Packard Company)
Task: {7716DCB0-31A2-468A-A488-EE3DF685C01B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {7CE9C5B0-E208-4331-B600-2936EE04C83C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {7DCCE062-1BFE-4D65-A062-BB2A998BC23E} - System32\Tasks\{CFB7771E-32D9-4ACB-9BD5-75B9508AAC3B} => pcalua.exe -a "C:\Users\Johnathan Johnson\Desktop\PLAY_4.1.0_64_bit\PLAY_4.1.0_64_bit\Support Files\PLAY4 Report Generator.EXE" -d "C:\Users\Johnathan Johnson\Desktop\PLAY_4.1.0_64_bit\PLAY_4.1.0_64_bit\Support Files"
Task: {8AA658FF-FD85-4C95-B159-2B66562D5065} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4278035339-1315755430-380327878-1001UA => C:\Users\Johnathan Johnson\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {90D1B3DD-351D-4DCF-B5CF-66A8981C8427} - System32\Tasks\HPCeeScheduleForPROJECTTRINITY$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {A11B0CB6-616E-40EC-A6F5-C6BF9456BD9A} - System32\Tasks\WIN-QAH9BNR7Q7Q\Administrator - Start WLAN Tray Applet => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE [2011-11-24] (Broadcom Corporation)
Task: {A998CABA-AD4F-4236-913B-E998F51DA78D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-08] (Piriform Ltd)
Task: {AFBABE7D-C9B8-4902-BE4F-3FD2A22CAE55} - System32\Tasks\HPCeeScheduleForJohnathan Johnson => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {B282DB81-BE3A-4CFE-B94E-345E6AD9FFAB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {B6F38F05-BEAF-41EF-90A8-8BFF88C896A4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-02-17] (Hewlett-Packard)
Task: {BD9BE105-85FC-482E-9468-CB48B8C2E2CF} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-02-17] (AVAST Software)
Task: {CA4F231D-14A5-4C4B-AC94-043A2726AA46} - System32\Tasks\AdobeAAMUpdater-1.0-ProjectTrinity-Johnathan Johnson => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-22] (Adobe Systems Incorporated)
Task: {CAB2CB18-C062-4A37-9B66-4C67E1307E19} - System32\Tasks\{D9F0CD4B-0AB4-43C5-97AC-1FBD6F847B02} => C:\Users\Johnathan Johnson\Desktop\ps3_hdd_reader_windows_v1\ps3_hdd_reader_windows_v1\ps3.exe
Task: {CB75EC4F-EAFC-4B28-8194-068F1E9AE530} - System32\Tasks\{652AC334-3B42-4C1F-834C-66BDB639741A} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.18.0.103&amp;LastError=12031
Task: {D18840EE-E85B-4B24-94C7-39B2FE8D2727} - System32\Tasks\{AA6B523E-D4B7-4FFF-9D3D-5923B94A05A8} => Chrome.exe hxxp://ui.skype.com/ui/0/7.18.85.103/en/go/help.faq.installer?LastError=1603
Task: {F3F2E9E5-5A7E-4CD2-814D-1FBF259EDF06} - System32\Tasks\{309826A6-E958-491F-A6CE-90993A8841AC} => pcalua.exe -a "C:\Users\Johnathan Johnson\Desktop\Original Broadcom Wireless Network Controller Driver - sp54360.exe" -d "C:\Users\Johnathan Johnson\Desktop"
Task: {FE8BE438-5D17-40F7-9E54-BF72601B5A58} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4278035339-1315755430-380327878-1001Core.job => C:\Users\Johnathan Johnson\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4278035339-1315755430-380327878-1001UA.job => C:\Users\Johnathan Johnson\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForJohnathan Johnson.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPROJECTTRINITY$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-01-21 01:35 - 2015-01-21 01:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-15 16:25 - 2015-09-15 16:25 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-22 03:02 - 2015-07-22 03:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2011-09-14 23:19 - 2011-09-14 23:19 - 00086016 _____ () C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
2015-06-18 04:56 - 2016-02-23 23:48 - 00062024 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2015-06-18 04:56 - 2016-02-23 23:47 - 00110664 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2016-02-19 16:41 - 2016-02-17 23:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
2016-02-19 16:41 - 2016-02-17 23:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll
2015-12-09 21:59 - 2016-01-12 13:44 - 00034768 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-02-18 10:11 - 2016-01-12 13:45 - 00019408 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-09 21:59 - 2016-01-12 13:44 - 00116688 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-09 21:59 - 2016-01-12 13:44 - 00093640 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-09 21:59 - 2016-01-12 13:44 - 00018376 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-09 21:59 - 2016-02-16 13:39 - 00019760 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-09 21:59 - 2016-01-12 13:46 - 00105928 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-09 21:59 - 2016-01-12 13:44 - 00392144 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-09 21:59 - 2016-02-16 13:39 - 00381752 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-09 21:59 - 2016-01-12 13:44 - 00692688 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-02-18 10:11 - 2016-02-16 13:38 - 00020816 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-09 21:59 - 2016-01-12 13:45 - 00112592 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-02-18 10:11 - 2016-02-16 13:38 - 01682760 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-02-18 10:11 - 2016-02-16 13:38 - 00020808 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-09 21:59 - 2016-02-16 13:39 - 00020800 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-09 21:59 - 2016-02-16 13:39 - 00021840 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-18 10:11 - 2016-02-16 13:39 - 00038696 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-09 21:59 - 2016-01-12 13:46 - 00020936 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-09 21:59 - 2016-01-12 13:46 - 00024528 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-09 21:59 - 2016-01-12 13:47 - 00114640 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-09 21:59 - 2016-01-12 13:46 - 00124880 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-18 10:11 - 2016-02-16 13:39 - 00021832 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-09 21:59 - 2016-01-12 13:46 - 00024016 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-09 21:59 - 2016-01-12 13:46 - 00175560 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-09 21:59 - 2016-01-12 13:47 - 00030160 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-09 21:59 - 2016-01-12 13:47 - 00043472 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-09 21:59 - 2016-01-12 13:47 - 00028616 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-09 21:59 - 2016-01-12 13:47 - 00048592 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-02-18 10:11 - 2016-02-16 13:39 - 00026456 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-09 21:59 - 2016-01-12 13:46 - 00057808 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-09 21:59 - 2016-01-12 13:47 - 00024016 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-02-18 10:11 - 2016-02-16 13:38 - 00117056 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-09 21:59 - 2016-02-16 13:39 - 00024392 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-02-18 10:11 - 2016-01-12 13:47 - 00036296 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-09 21:59 - 2016-02-16 13:39 - 00023376 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-09 21:59 - 2016-01-12 13:44 - 00134608 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-09 21:59 - 2016-01-12 13:44 - 00134088 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-02-18 10:11 - 2016-01-12 13:45 - 00240584 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-09 21:59 - 2016-02-16 13:39 - 00052024 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-18 10:11 - 2016-02-16 13:39 - 00020800 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-18 10:11 - 2016-02-16 13:39 - 00021824 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-18 10:11 - 2016-02-16 13:39 - 00019776 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-18 10:11 - 2016-02-16 13:39 - 00020800 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-02-18 10:11 - 2016-02-16 13:38 - 00020280 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-09 21:59 - 2016-01-12 13:47 - 00350152 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-18 10:11 - 2016-02-16 13:39 - 00022352 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-02-18 10:11 - 2016-02-16 13:39 - 00084792 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-09 21:59 - 2016-02-16 13:39 - 01826096 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-09 21:59 - 2016-01-12 13:45 - 00083912 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-09 21:59 - 2016-02-16 13:39 - 03928880 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-09 21:59 - 2016-02-16 13:39 - 01971504 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-09 21:59 - 2016-02-16 13:39 - 00531248 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-09 21:59 - 2016-02-16 13:39 - 00132912 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-09 21:59 - 2016-02-16 13:39 - 00223544 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-09 21:59 - 2016-02-16 13:39 - 00207672 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-02-18 10:11 - 2016-02-16 13:39 - 00158008 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-02-18 10:11 - 2016-02-16 13:39 - 00042808 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-02-18 10:11 - 2016-01-12 13:49 - 00017864 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-02-18 10:11 - 2016-01-12 13:49 - 01631184 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-12-09 21:59 - 2016-02-16 13:39 - 00024904 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-09 21:59 - 2016-02-16 13:39 - 00546096 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-09 21:59 - 2016-02-16 13:39 - 00357680 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 16:45 - 2016-01-12 13:52 - 00697304 _____ () C:\Users\Johnathan Johnson\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2013-09-05 03:14 - 2013-09-05 03:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-09-15 16:25 - 2015-09-15 16:25 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-20 16:17 - 2014-01-20 16:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\Users\All Users:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:3EXeECSiOHCP3yR9I [2348]
AlternateDataStreams: C:\ProgramData\Application Data:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData\Microsoft:11pJ9zRkf5hwTi0XL [1992]
AlternateDataStreams: C:\ProgramData\Microsoft:NkJcSlkHqJjDMLgcfUB [2028]
AlternateDataStreams: C:\ProgramData\PACE:F15BF47D762B99B3 [217]
AlternateDataStreams: C:\Users\Johnathan Johnson\Desktop\Environments.zip:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Johnathan Johnson\Desktop\Perjurer & Parody.zip:com.dropbox.attributes [168]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7865 more sites.
 
IE restricted site: HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4278035339-1315755430-380327878-1001\...\123simsen.com -> www.123simsen.com
 
There are 7865 more sites.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2016-02-22 10:47 - 00449915 ____R C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
 
There are 15461 more lines.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4278035339-1315755430-380327878-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Johnathan Johnson\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: (default) => 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{3623AACD-22FA-466A-8E73-3F0C4C629747}C:\users\johnathan johnson\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\johnathan johnson\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{79B31DC2-A3C7-4125-A5C0-3897A9E910C5}C:\users\johnathan johnson\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\johnathan johnson\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{3B74A7F3-C587-4D92-A421-32619CCC3A0D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F15EB0C6-434B-43B7-A053-84786251C43F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{E8AD8F3B-A97A-44F6-9506-9EB2700EEF9B}C:\users\johnathan johnson\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\johnathan johnson\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{6B7F7F2F-8DC0-403A-9572-0F6DFDE53C78}C:\users\johnathan johnson\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\johnathan johnson\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{823DB6D3-AF07-4FC0-BC1E-C1F97702D334}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A2734933-4DE2-4964-BFC1-161F56B1BA9C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{00F076D9-2BE2-4336-9E53-BC829412419D}C:\users\johnathan johnson\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\johnathan johnson\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{6816706C-E429-429F-B16F-3C8B7522A2B7}C:\users\johnathan johnson\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\johnathan johnson\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{66A7A175-B19B-4352-B15A-9F63B4D5224B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{B7AEB3CC-F8EA-463A-A83D-1698010200E8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{A10ABDA6-FBFF-4CFC-A4D8-7D7BF534F3C9}C:\users\johnathan johnson\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\johnathan johnson\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{2A55543E-14FE-4DF5-92B0-952345887AC7}C:\users\johnathan johnson\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\johnathan johnson\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{0CB9A8F2-4F94-4E00-B68E-5CB983391CE0}] => (Allow) LPort=49212
FirewallRules: [{07452A3A-E49D-468E-95AB-D4EC1131CA91}] => (Allow) LPort=5000
FirewallRules: [{A949CF59-874B-434A-A086-81C51175BCA4}] => (Allow) LPort=49167
FirewallRules: [{487532CE-D5DF-4917-9EE6-C2511E112091}] => (Allow) LPort=5000
 
==================== Restore Points =========================
 
29-02-2016 10:12:23 Windows Update
03-03-2016 00:55:43 Before the BeepingComputer Arc
03-03-2016 09:10:45 JRT Pre-Junkware Removal
 
==================== Faulty Device Manager Devices =============
 
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Bluetooth Device (RFCOMM Protocol TDI)
Description: Bluetooth Device (RFCOMM Protocol TDI)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RFCOMM
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Broadcom Virtual Wireless Adapter
Description: Broadcom Virtual Wireless Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BcmVWL
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/03/2016 04:45:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FL64.exe version 1.1.5.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 3d98
 
Start Time: 01d175293884c218
 
Termination Time: 12
 
Application Path: C:\Program Files (x86)\Image-Line\FL Studio 11\FL64.exe
 
Report Id:
 
Error: (03/02/2016 02:32:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Skype.exe version 7.18.0.111 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 13ac
 
Start Time: 01d174a0057c7cbc
 
Termination Time: 10
 
Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe
 
Report Id: 82843a70-e0ad-11e5-883c-ab6414a8a096
 
Error: (03/01/2016 11:15:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FL.exe version 1.1.6.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 6af8
 
Start Time: 01d17439e78d005f
 
Termination Time: 9
 
Application Path: C:\Program Files (x86)\Image-Line\FL Studio 12\FL.exe
 
Report Id: 4ff345e1-e02d-11e5-9565-f948e5f38d97
 
Error: (03/01/2016 11:12:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FL.exe version 1.1.6.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: d264
 
Start Time: 01d1743960bd71eb
 
Termination Time: 9
 
Application Path: C:\Program Files (x86)\Image-Line\FL Studio 12\FL.exe
 
Report Id: 0299b9b0-e02d-11e5-9565-f948e5f38d97
 
Error: (03/01/2016 11:09:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FL.exe version 1.1.6.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 2b94
 
Start Time: 01d174393f2e8f80
 
Termination Time: 6
 
Application Path: C:\Program Files (x86)\Image-Line\FL Studio 12\FL.exe
 
Report Id: 9320a1b6-e02c-11e5-9565-f948e5f38d97
 
Error: (03/01/2016 11:08:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FL64.exe version 1.1.5.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 37a0
 
Start Time: 01d17419d3194c66
 
Termination Time: 17
 
Application Path: C:\Program Files (x86)\Image-Line\FL Studio 11\FL64.exe
 
Report Id:
 
Error: (03/01/2016 08:07:42 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 
 
Error: (03/01/2016 08:01:42 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 
 
Error: (03/01/2016 07:59:41 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 
 
Error: (03/01/2016 07:45:32 AM) (Source: Software Protection Platform Service) (EventID: 1001) (User: )
Description: The Software Protection service failed to start. 0x80070002
6.1.7601.17514
 
 
System errors:
=============
Error: (03/03/2016 09:06:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Garmin Core Update Service service failed to start due to the following error: 
%%1053
 
Error: (03/03/2016 09:06:43 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.
 
Error: (03/03/2016 09:05:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Media Player Network Sharing Service service failed to start due to the following error: 
%%1069
 
Error: (03/03/2016 09:05:25 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WMPNetworkSvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error: 
%%50
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (03/03/2016 09:05:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1069
 
Error: (03/03/2016 09:05:24 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: 
%%50
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (03/03/2016 09:05:21 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\bcmihvsrv64.dll
 
Error: (03/03/2016 09:05:21 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\bcmihvsrv64.dll
 
Error: (03/03/2016 09:05:17 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\bcmihvsrv64.dll
 
Error: (03/03/2016 09:05:15 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
 
CodeIntegrity:
===================================
  Date: 2016-02-20 01:53:22.545
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-02-20 01:53:22.498
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-02-20 01:53:22.451
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-02-20 01:53:22.404
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-04-25 05:24:35.186
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-04-25 05:24:35.140
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-04-25 05:24:35.108
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-04-25 05:24:35.062
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-03-02 10:07:42.387
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-03-02 10:07:42.325
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 35%
Total physical RAM: 16364.31 MB
Available physical RAM: 10586.64 MB
Total Virtual: 32726.83 MB
Available Virtual: 26461.25 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:1844.08 GB) (Free:756.39 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:18.84 GB) (Free:2.33 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (DATADRIVE1) (Fixed) (Total:465.76 GB) (Free:61.4 GB) NTFS
Drive k: (EASTWEST CCC) (Fixed) (Total:931.51 GB) (Free:154.2 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: A2E5C8BC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1844.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: A07487F4)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 54AA30C2)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#14 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:44 AM

Posted 03 March 2016 - 12:32 PM

Hello,

do you have slow connection with every browser or only with a special one?

If you switch off Spybot - Search & Destroy: any changes in connection?

 

***


Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
Save it in the same location as / FSRT / FSRT64 (usually your desktop) as fixlist.txt
 
start
CreateRestorePoint:
CloseProcesses:
RemoveProxy:
EmptyTemp:
HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-4278035339-1315755430-380327878-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> {4620560F-DFD0-430C-8768-1EB20173E1A8} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-4278035339-1315755430-380327878-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF HKLM-x32\...\Firefox\Extensions: [VIP5X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client => not found
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: bitsadmin /reset /allusers
CMD: bitsadmin /reset /allusers
end


NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Run FRST / FSRT64 again like we did before but this time press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#15 ProjectTrinity

ProjectTrinity
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:04:44 AM

Posted 03 March 2016 - 01:00 PM

My main browser is Chrome, however, it, Firefox, and Internet Explorer all become slow at the same time. Dropbox also loses connection - as does Skype. Skype outright crashes. I had no idea you could switch off Spybot and didn't really see any options similar to turning on/off any features.

 

"Fixlog.txt"

 

Fix result of Farbar Recovery Scan Tool (x64) Version:02-03-2016
Ran by Johnathan Johnson (2016-03-03 12:38:04) Run:1
Running from C:\Users\Johnathan Johnson\Desktop
Loaded Profiles: Johnathan Johnson (Available Profiles: Johnathan Johnson)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
RemoveProxy:
EmptyTemp:
HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-4278035339-1315755430-380327878-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> {4620560F-DFD0-430C-8768-1EB20173E1A8} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-4278035339-1315755430-380327878-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF HKLM-x32\...\Firefox\Extensions: [VIP5X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client => not found
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: bitsadmin /reset /allusers
CMD: bitsadmin /reset /allusers
end
*****************
 
Restore point was successfully created.
Processes closed successfully.
 
========= RemoveProxy: =========
 
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-4278035339-1315755430-380327878-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-4278035339-1315755430-380327878-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-4278035339-1315755430-380327878-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found. 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found. 
HKU\S-1-5-21-4278035339-1315755430-380327878-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found. 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4620560F-DFD0-430C-8768-1EB20173E1A8}" => key removed successfully
HKCR\CLSID\{4620560F-DFD0-430C-8768-1EB20173E1A8} => key not found. 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => key removed successfully
HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC} => key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => key removed successfully
HKCR\Wow6432Node\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC} => key not found. 
"HKU\S-1-5-21-4278035339-1315755430-380327878-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => key removed successfully
HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC} => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" => key removed successfully
"HKCR\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" => key removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\VIP5X@verisign.com => value removed successfully
catchme => service removed successfully
cpuz136 => service removed successfully
xhunter1 => service removed successfully
 
=========  netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  netsh advfirewall set allprofiles state ON =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
=========  netsh winsock reset =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
=========  netsh int ip reset c:\resetlog.txt =========
 
Reseting Global, OK!
Reseting Interface, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /release =========
 
 
Windows IP Configuration
 
No operation can be performed on Wireless Network Connection 2 while it has its media disconnected.
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : 2601:cc:4103:71e0:906f:299e:3742:1efe
   Temporary IPv6 Address. . . . . . : 2601:cc:4103:71e0:edef:361d:9cda:a510
   Link-local IPv6 Address . . . . . : fe80::906f:299e:3742:1efe%14
   Default Gateway . . . . . . . . . : fe80::200:caff:fe11:2233%14
 
Tunnel adapter isatap.hsd1.ga.comcast.net.:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter Local Area Connection* 9:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
========= End of CMD: =========
 
 
=========  ipconfig /renew =========
 
 
Windows IP Configuration
 
No operation can be performed on Wireless Network Connection 2 while it has its media disconnected.
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : hsd1.ga.comcast.net.
   IPv6 Address. . . . . . . . . . . : 2601:cc:4103:71e0:906f:299e:3742:1efe
   Temporary IPv6 Address. . . . . . : 2601:cc:4103:71e0:edef:361d:9cda:a510
   Link-local IPv6 Address . . . . . : fe80::906f:299e:3742:1efe%14
   IPv4 Address. . . . . . . . . . . : 10.0.0.9
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::200:caff:fe11:2233%14
                                       10.0.0.1
 
Tunnel adapter isatap.hsd1.ga.comcast.net.:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter Local Area Connection* 9:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
========= End of CMD: =========
 
 
=========  netsh int ipv4 reset =========
 
Reseting Interface, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  netsh int ipv6 reset =========
 
There's no user specified settings to be reset.
 
 
========= End of CMD: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => 2.6 GB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 12:38:42 ====





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users