Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Keyboard Input Very Slow Must Hold Key Down For One Second or Press Repeatedly


  • This topic is locked This topic is locked
12 replies to this topic

#1 stealth1

stealth1

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:07:32 PM

Posted 23 March 2016 - 12:07 PM

 ​I have a problem with keyboard input. I have to type very slowly to get my keystrokes to actually get entered. I need to hold down each key for at least one full second or press the key several times to type each keystroke. This occurs on all four different keyboards that I've tried including a wireless Logitech that had the same results.

 

The PC is a Dell Inspiron 560, the OS is Windows 10 Home edition (upgraded from Windows 7). Any help will be greatly appreciated. The PC is practically useless like this. Thanks!



BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,014 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:32 PM

Posted 23 March 2016 - 12:53 PM

Greetings Ray and :welcome: back to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Does this happen all the time or only with certain activities?

Please do this.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your Desktop. If FRST.exe is not on your Desktop please move it to that location. <<< Important
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 stealth1

stealth1
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:07:32 PM

Posted 23 March 2016 - 04:02 PM

I'm getting this error message when trying to past the two text files and the zipped summary:

"Your post was too long. Please go back and shorten it a little."

So, I'm going to try sending the text files separetly.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Ray (administrator) on DELL-560 (23-03-2016 12:39:57)
Running from C:\Users\Ray\Desktop
Loaded Profiles: Ray (Available Profiles: Ray & steal & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek) C:\Program Files (x86)\OURLINK\USB Wireless LAN Utility\RtlService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
() C:\Windows\runSW.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Realtek) C:\Windows\SwUSB.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\OURLINK\USB Wireless LAN Utility\RtWLan.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP3LAK.EXE
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe
(SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
(© 2015 Microsoft Corporation) C:\Users\Ray\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNABHSWD.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNABHSWD.EXE
() C:\Program Files (x86)\VOX\JamVOX\JVExec.exe
() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
() C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(CyberLink Corporation.) C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Syntek Ltd.) C:\Windows\STK03N\STK03NM.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Dropbox, Inc.) C:\Users\Ray\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Firetrust) C:\Program Files (x86)\Firetrust\MailWasher\MailWasher.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
() C:\Users\Ray\Desktop\Tor Browser\Tor\tor.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8306208 2009-10-20] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2114376 2009-07-06] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [722256 2008-12-11] (CANON INC.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-03-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [CNAP3 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP3LAK.EXE [228520 2012-06-13] (CANON INC.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807600 2009-11-13] ()
HKLM-x32\...\Run: [PDVDDXSrv] => C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2009-12-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] => "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [498160 2009-12-15] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [FLxHCIm64] => C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe [183808 2013-07-11] (Windows ® Win 7 DDK provider)
HKLM-x32\...\Run: [InstantBurn] => C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe [703600 2012-07-09] (CyberLink Corporation.)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795672 2014-11-04] (CyberLink Corp.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe [109480 2016-02-15] (SlySoft, Inc.)
HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\Run: [Google Update] => C:\Users\Ray\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc.)
HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2649200 2012-09-28] (CyberLink Corp.)
HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\Run: [Dropbox Update] => C:\Users\Ray\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\Run: [BingSvc] => C:\Users\Ray\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-12-15] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
ShellExecuteHooks-x32: ExecuteHooker Class - {569DAC0F-2791-46ab-8EFC-A54B77C04C20} - C:\Program Files (x86)\DVD Ghost\ExecuteHooker.dll [90112 2005-11-14] (WWW.Region-Free-DVD.COM)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\JVExec.lnk [2015-07-27]
ShortcutTarget: JVExec.lnk -> C:\Program Files (x86)\VOX\JamVOX\JVExec.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-02-23]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2014-10-22]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\STK03N PNP Monitor.lnk [2013-07-16]
ShortcutTarget: STK03N PNP Monitor.lnk -> C:\Windows\STK03N\STK03NM.exe (Syntek Ltd.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-05-24]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-05-24]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-05-24]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2010-06-02]
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-03-17]
ShortcutTarget: Dropbox.lnk -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MailWasher.lnk [2015-10-01]
ShortcutTarget: MailWasher.lnk -> C:\Program Files (x86)\Firetrust\MailWasher\MailWasher.exe (Firetrust)
Startup: C:\Users\steal.DELL-560\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2016-03-18]
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8a64354b-5a84-4a15-bfc1-7765a24b5547}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl
HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/USCON/1
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM -> {5597C77E-1730-497C-B57F-A2A5F7FE9192} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
SearchScopes: HKLM-x32 -> {6868E8A0-7A0D-4314-A0A8-5B39A360B109} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5GDF&PC=SL5G&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> {5597C77E-1730-497C-B57F-A2A5F7FE9192} URL =
SearchScopes: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> {6868E8A0-7A0D-4314-A0A8-5B39A360B109} URL =
SearchScopes: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> {D3D5969E-D21F-4F7E-8258-BDF8A2EFE347} URL = hxxp://en.wikipedia.org/w/index.php?title=Special:Search&search={searchTerms}
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL => No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\progra~1\mcafee\msk\mskapbho.dll => No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-31] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
BHO-x32: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2009-11-27] (Skype Technologies S.A.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-31] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> No Name - {00000000-0000-0000-0000-000000000000} - No File
Toolbar: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {B9940246-4344-4D1B-BD82-DBAF7E657FF9} hxxp://bullrun2.viewnetcam.com:60003/SysCamInst.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2009-11-27] (Skype Technologies S.A.)

FireFox:
========
FF ProfilePath: C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxps://www.google.com/
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SL5GDF&PC=SL5G&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-16] ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\system32\npDeployJava1.dll [2013-03-28] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [No File]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-09-22] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-31] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll [2010-10-28] (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-10] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-10] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-09] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1556054694-2950829292-1133922799-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-1556054694-2950829292-1133922799-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-1556054694-2950829292-1133922799-1001: google.com/WidevineMediaOptimizer -> C:\Users\Ray\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Google Inc.)
FF SearchPlugin: C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\searchplugins\bing-.xml [2015-12-18]
FF Extension: Bing Search - C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-12-15]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-03-19] [not signed]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-03-19] [not signed]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-03-19] [not signed]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} [2016-03-19] [not signed]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-19] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension => not found
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-03-13] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe [293128 2016-02-05] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-03-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-03-13] (NVIDIA Corporation)
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [581568 2014-03-27] (RealNetworks, Inc.)
R2 RealtekWlanU; C:\Program Files (x86)\OURLINK\USB Wireless LAN Utility\RtlService.exe [48856 2014-05-19] (Realtek)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [247152 2010-08-19] ()
S2 RTLDHCPService; C:\Program Files (x86)\OURLINK\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-04-23] (Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-29] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-29] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-11-29] ()
S3 ampa; C:\Windows\SysWOW64\ampa.sys [17008 2013-11-29] ()
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
R1 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24560 2012-02-02] (Cyberlink Co.,Ltd.)
R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [377840 2012-02-02] (CyberLink Corporation.)
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [15288 2011-06-15] () [File not signed]
S3 ddmdrv; C:\Windows\SysWOW64\ddmdrv.sys [12728 2011-06-15] () [File not signed]
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [31160 2014-04-24] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-03-13] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-29] (Realtek )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-29] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-29] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-29] (Microsoft Corporation)
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-11-03] (CyberLink Corp.)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-23 12:39 - 2016-03-23 12:40 - 00029841 _____ C:\Users\Ray\Desktop\FRST.txt
2016-03-23 12:39 - 2016-03-23 12:39 - 00000000 ____D C:\FRST
2016-03-23 12:36 - 2016-03-23 12:34 - 02374144 _____ (Farbar) C:\Users\Ray\Desktop\FRST64.exe
2016-03-23 12:31 - 2016-03-23 12:31 - 02374144 _____ (Farbar) C:\Users\Ray\Downloads\FRST64 (1).exe
2016-03-23 12:27 - 2016-03-23 12:34 - 02374144 _____ (Farbar) C:\Users\Ray\Downloads\FRST64.exe
2016-03-23 11:36 - 2016-03-23 11:38 - 00032768 _____ C:\Users\Ray\Downloads\torbrowser-install-5.5.4_en-US.exe
2016-03-23 11:31 - 2016-03-23 12:38 - 00000000 ____D C:\Users\Ray\AppData\Roaming\tor
2016-03-23 09:41 - 2016-03-23 09:42 - 01012708 _____ C:\WINDOWS\Minidump\032316-16031-01.dmp
2016-03-21 19:15 - 2016-03-21 19:15 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-03-21 18:01 - 2016-03-21 18:01 - 00000000 ____D C:\Roxio
2016-03-20 23:00 - 2016-03-20 23:00 - 00324204 _____ C:\WINDOWS\Minidump\032016-16140-01.dmp
2016-03-19 14:45 - 2016-03-20 23:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-18 11:42 - 2016-03-18 11:42 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2016-03-18 11:42 - 2016-03-18 11:42 - 00000000 _SHDL C:\Users\DefaultAppPool\My Documents
2016-03-18 11:42 - 2016-03-18 11:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Videos
2016-03-18 11:42 - 2016-03-18 11:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Pictures
2016-03-18 11:42 - 2016-03-18 11:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Music
2016-03-18 11:42 - 2016-03-18 11:42 - 00000000 ____D C:\Users\DefaultAppPool
2016-03-18 11:42 - 2016-03-18 01:04 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local\SoftThinks
2016-03-18 11:42 - 2016-03-08 23:57 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Mozilla
2016-03-18 11:42 - 2016-03-08 23:57 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2016-03-18 11:42 - 2016-03-08 23:57 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Macromedia
2016-03-18 01:21 - 2016-03-18 01:21 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-18 01:10 - 2016-03-18 01:11 - 00002436 _____ C:\Users\steal.DELL-560\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-18 01:10 - 2016-03-18 01:11 - 00000000 ___RD C:\Users\steal.DELL-560\OneDrive
2016-03-18 01:10 - 2016-03-18 01:10 - 00000000 ____D C:\Users\steal.DELL-560\AppData\Local\NVIDIA Corporation
2016-03-18 01:09 - 2016-03-18 01:09 - 00000000 ____D C:\Users\steal.DELL-560\AppData\Roaming\Roxio
2016-03-18 01:09 - 2016-03-18 01:09 - 00000000 ____D C:\Users\steal.DELL-560\AppData\Roaming\Dell
2016-03-18 01:09 - 2016-03-18 01:09 - 00000000 ____D C:\Users\steal.DELL-560\AppData\Roaming\Apple Computer
2016-03-18 01:09 - 2016-03-18 01:09 - 00000000 ____D C:\Users\steal.DELL-560\AppData\Local\Stardock_Corporation
2016-03-18 01:09 - 2016-03-18 01:09 - 00000000 ____D C:\Users\steal.DELL-560\AppData\Local\NVIDIA
2016-03-18 01:09 - 2016-03-18 01:09 - 00000000 ____D C:\Users\steal.DELL-560\AppData\Local\Mozilla
2016-03-18 01:09 - 2016-03-18 01:09 - 00000000 ____D C:\Users\steal.DELL-560\AppData\Local\CyberLink
2016-03-18 01:09 - 2016-03-18 01:09 - 00000000 ____D C:\Users\steal.DELL-560\AppData\Local\Comms
2016-03-18 01:08 - 2016-03-18 01:08 - 00000000 ____D C:\Users\steal.DELL-560\AppData\Local\Publishers
2016-03-18 01:08 - 2016-03-18 01:08 - 00000000 ____D C:\Users\steal.DELL-560\AppData\Local\ActiveSync
2016-03-18 01:06 - 2016-03-18 01:26 - 00000000 ____D C:\Users\steal.DELL-560\AppData\Local\Packages
2016-03-18 01:06 - 2016-03-18 01:06 - 00000000 ____D C:\Users\steal.DELL-560\AppData\Roaming\Adobe
2016-03-18 01:06 - 2016-03-18 01:06 - 00000000 ____D C:\Users\steal.DELL-560\AppData\Local\VirtualStore
2016-03-18 01:06 - 2016-03-18 01:06 - 00000000 ____D C:\Users\steal.DELL-560\AppData\Local\TileDataLayer
2016-03-18 01:05 - 2016-03-18 01:10 - 00000000 ____D C:\Users\steal.DELL-560\AppData\Roaming\Mozilla
2016-03-18 01:05 - 2016-03-18 01:10 - 00000000 ____D C:\Users\steal.DELL-560
2016-03-18 01:05 - 2016-03-18 01:05 - 00000258 __RSH C:\Users\steal.DELL-560\ntuser.pol
2016-03-18 01:05 - 2016-03-18 01:05 - 00000020 ___SH C:\Users\steal.DELL-560\ntuser.ini
2016-03-18 01:05 - 2016-03-18 01:05 - 00000000 _SHDL C:\Users\steal.DELL-560\My Documents
2016-03-18 01:05 - 2016-03-18 01:05 - 00000000 _SHDL C:\Users\steal.DELL-560\Documents\My Videos
2016-03-18 01:05 - 2016-03-18 01:05 - 00000000 _SHDL C:\Users\steal.DELL-560\Documents\My Pictures
2016-03-18 01:05 - 2016-03-18 01:05 - 00000000 _SHDL C:\Users\steal.DELL-560\Documents\My Music
2016-03-18 01:05 - 2016-03-18 01:04 - 00000000 ____D C:\Users\steal.DELL-560\AppData\Local\SoftThinks
2016-03-18 01:05 - 2016-03-08 23:57 - 00000000 ____D C:\Users\steal.DELL-560\AppData\Roaming\Media Center Programs
2016-03-18 01:05 - 2016-03-08 23:57 - 00000000 ____D C:\Users\steal.DELL-560\AppData\Roaming\Macromedia
2016-03-17 20:26 - 2016-03-17 20:26 - 00000000 ____D C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-17 16:33 - 2016-03-17 16:34 - 00949244 _____ C:\WINDOWS\Minidump\031716-15750-01.dmp
2016-03-17 12:55 - 2016-03-23 09:41 - 00000000 ____D C:\WINDOWS\Minidump
2016-03-17 12:55 - 2016-03-17 12:57 - 01090356 _____ C:\WINDOWS\Minidump\031716-16265-01.dmp
2016-03-16 22:53 - 2016-03-16 23:05 - 00010240 _____ C:\Users\Ray\Documents\keyboard tests.wps
2016-03-16 15:10 - 2016-03-17 21:24 - 00000000 ____D C:\WINDOWS\pss
2016-03-16 15:01 - 2016-03-23 09:49 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5121C8BB-E1AE-4B26-9712-A4EB4045B007}
2016-03-16 12:34 - 2016-03-16 12:34 - 00000000 ____D C:\$SysReset
2016-03-16 12:11 - 2016-03-16 12:11 - 00000000 ____D C:\Users\steal\AppData\Local\MicrosoftEdge
2016-03-16 12:02 - 2016-03-16 12:09 - 00000000 ____D C:\Users\steal\AppData\Local\Mozilla
2016-03-16 12:01 - 2016-03-16 12:01 - 00000000 ___RD C:\Users\steal\OneDrive
2016-03-16 12:01 - 2016-03-16 12:01 - 00000000 ____D C:\Users\steal\AppData\Local\NVIDIA Corporation
2016-03-16 12:00 - 2016-03-16 12:00 - 00000000 ____D C:\Users\steal\AppData\Roaming\Roxio
2016-03-16 12:00 - 2016-03-16 12:00 - 00000000 ____D C:\Users\steal\AppData\Roaming\Dell
2016-03-16 12:00 - 2016-03-16 12:00 - 00000000 ____D C:\Users\steal\AppData\Roaming\Apple Computer
2016-03-16 12:00 - 2016-03-16 12:00 - 00000000 ____D C:\Users\steal\AppData\Local\NVIDIA
2016-03-16 12:00 - 2016-03-16 12:00 - 00000000 ____D C:\Users\steal\AppData\Local\CyberLink
2016-03-16 11:59 - 2016-03-16 12:00 - 00000000 ____D C:\Users\steal\AppData\Local\Comms
2016-03-16 11:59 - 2016-03-16 11:59 - 00000000 ____D C:\Users\steal\AppData\Local\Publishers
2016-03-16 11:59 - 2016-03-16 11:59 - 00000000 ____D C:\Users\steal\AppData\Local\ActiveSync
2016-03-16 11:58 - 2016-03-16 11:58 - 00000000 ____D C:\Users\steal\AppData\Local\VirtualStore
2016-03-16 11:57 - 2016-03-16 13:58 - 00000000 ____D C:\Users\steal
2016-03-16 11:57 - 2016-03-16 12:16 - 00000000 ____D C:\Users\steal\AppData\Local\Packages
2016-03-16 11:57 - 2016-03-16 12:03 - 00000000 ____D C:\Users\steal\AppData\Roaming\Mozilla
2016-03-16 11:57 - 2016-03-16 11:57 - 00000000 _SHDL C:\Users\steal\My Documents
2016-03-16 11:57 - 2016-03-16 11:57 - 00000000 _SHDL C:\Users\steal\Documents\My Videos
2016-03-16 11:57 - 2016-03-16 11:57 - 00000000 _SHDL C:\Users\steal\Documents\My Pictures
2016-03-16 11:57 - 2016-03-16 11:57 - 00000000 _SHDL C:\Users\steal\Documents\My Music
2016-03-16 11:57 - 2016-03-16 11:57 - 00000000 ____D C:\Users\steal\AppData\Roaming\Adobe
2016-03-16 11:57 - 2016-03-16 11:49 - 00000000 ____D C:\Users\steal\AppData\Local\SoftThinks
2016-03-16 11:57 - 2016-03-08 23:57 - 00000000 ____D C:\Users\steal\AppData\Roaming\Media Center Programs
2016-03-16 11:57 - 2016-03-08 23:57 - 00000000 ____D C:\Users\steal\AppData\Roaming\Macromedia
2016-03-16 00:34 - 2016-03-16 12:56 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-03-16 00:34 - 2016-03-16 00:40 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-03-15 22:30 - 2016-03-16 12:56 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2016-03-14 10:17 - 2016-02-29 21:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-14 10:17 - 2016-02-29 21:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-14 10:17 - 2016-02-24 01:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-03-14 10:17 - 2016-02-24 01:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-14 10:17 - 2016-02-24 01:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-14 10:17 - 2016-02-24 01:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-14 10:17 - 2016-02-24 01:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-14 10:17 - 2016-02-24 01:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-14 10:17 - 2016-02-24 01:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-14 10:17 - 2016-02-24 01:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-14 10:17 - 2016-02-24 00:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-14 10:17 - 2016-02-24 00:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-14 10:17 - 2016-02-24 00:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-14 10:17 - 2016-02-24 00:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-14 10:17 - 2016-02-24 00:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-14 10:17 - 2016-02-24 00:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-14 10:17 - 2016-02-24 00:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-03-14 10:17 - 2016-02-24 00:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-14 10:17 - 2016-02-24 00:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-14 10:17 - 2016-02-24 00:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-14 10:17 - 2016-02-24 00:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-14 10:17 - 2016-02-24 00:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-14 10:17 - 2016-02-24 00:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-14 10:17 - 2016-02-24 00:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-03-14 10:17 - 2016-02-24 00:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-14 10:17 - 2016-02-24 00:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-14 10:17 - 2016-02-24 00:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-14 10:17 - 2016-02-24 00:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-14 10:17 - 2016-02-24 00:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-14 10:17 - 2016-02-24 00:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-14 10:17 - 2016-02-24 00:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-14 10:17 - 2016-02-23 23:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-14 10:17 - 2016-02-23 23:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-14 10:17 - 2016-02-23 23:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-14 10:17 - 2016-02-23 23:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-14 10:17 - 2016-02-23 23:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-14 10:17 - 2016-02-23 23:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-14 10:17 - 2016-02-23 23:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-14 10:17 - 2016-02-23 23:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-14 10:17 - 2016-02-23 23:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-14 10:17 - 2016-02-23 23:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-14 10:17 - 2016-02-23 23:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-14 10:17 - 2016-02-23 23:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-14 10:17 - 2016-02-23 23:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-14 10:17 - 2016-02-23 23:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-03-14 10:17 - 2016-02-23 23:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-14 10:17 - 2016-02-23 23:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-14 10:17 - 2016-02-23 23:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-14 10:17 - 2016-02-23 23:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-14 10:17 - 2016-02-23 23:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-14 10:17 - 2016-02-23 23:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-14 10:17 - 2016-02-23 23:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-03-14 10:17 - 2016-02-23 23:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-14 10:17 - 2016-02-23 23:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-14 10:17 - 2016-02-23 23:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-14 10:17 - 2016-02-23 23:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-14 10:17 - 2016-02-23 23:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-14 10:17 - 2016-02-23 23:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-14 10:17 - 2016-02-23 23:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-14 10:17 - 2016-02-23 23:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-14 10:17 - 2016-02-23 23:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-14 10:17 - 2016-02-23 23:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-14 10:17 - 2016-02-23 23:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-14 10:17 - 2016-02-23 23:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-14 10:17 - 2016-02-23 23:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-03-14 10:17 - 2016-02-23 23:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-14 10:17 - 2016-02-23 23:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-14 10:17 - 2016-02-23 23:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-14 10:17 - 2016-02-23 23:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-14 10:17 - 2016-02-23 23:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-14 10:17 - 2016-02-23 23:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-14 10:17 - 2016-02-23 22:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-14 10:17 - 2016-02-23 22:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-14 10:17 - 2016-02-23 22:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-14 10:17 - 2016-02-23 22:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-14 10:17 - 2016-02-23 22:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-14 10:17 - 2016-02-23 22:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-14 10:17 - 2016-02-23 22:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-14 10:17 - 2016-02-23 22:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-14 10:17 - 2016-02-23 22:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-14 10:17 - 2016-02-23 22:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-14 10:17 - 2016-02-23 22:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-14 10:17 - 2016-02-23 22:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-14 10:17 - 2016-02-23 22:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-14 10:17 - 2016-02-23 22:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-14 10:17 - 2016-02-23 22:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-14 10:17 - 2016-02-23 22:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-14 10:17 - 2016-02-23 22:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-14 10:17 - 2016-02-23 22:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-14 10:17 - 2016-02-23 22:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-14 10:17 - 2016-02-23 22:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-03-14 10:17 - 2016-02-23 22:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-14 10:17 - 2016-02-23 22:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-14 10:17 - 2016-02-23 22:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-14 10:17 - 2016-02-23 22:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-03-14 10:17 - 2016-02-23 22:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-14 10:17 - 2016-02-23 22:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-14 10:17 - 2016-02-23 22:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-14 10:17 - 2016-02-23 22:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-14 10:17 - 2016-02-23 22:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-14 10:17 - 2016-02-23 22:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-14 10:17 - 2016-02-23 22:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-14 10:17 - 2016-02-23 22:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-14 10:17 - 2016-02-23 22:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-14 10:17 - 2016-02-23 22:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-14 10:17 - 2016-02-23 22:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-14 10:17 - 2016-02-23 22:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-14 10:17 - 2016-02-23 22:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-14 10:17 - 2016-02-23 22:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-14 10:17 - 2016-02-23 22:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-14 10:17 - 2016-02-23 22:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-14 10:17 - 2016-02-23 22:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-03-14 10:17 - 2016-02-23 22:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-14 10:17 - 2016-02-23 22:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-14 10:17 - 2016-02-23 22:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-14 10:17 - 2016-02-23 22:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-14 10:17 - 2016-02-23 22:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-14 10:17 - 2016-02-23 22:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-14 10:17 - 2016-02-23 22:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-14 10:17 - 2016-02-23 22:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-14 10:17 - 2016-02-23 22:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-14 10:17 - 2016-02-23 22:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-14 10:17 - 2016-02-23 22:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-14 10:17 - 2016-02-23 22:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-14 10:17 - 2016-02-23 22:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-14 10:17 - 2016-02-23 22:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-14 10:17 - 2016-02-23 22:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-14 10:17 - 2016-02-23 22:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-03-14 10:17 - 2016-02-23 22:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-14 10:17 - 2016-02-23 22:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-14 10:17 - 2016-02-23 22:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-14 10:17 - 2016-02-23 22:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-14 10:17 - 2016-02-23 22:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-14 10:17 - 2016-02-23 22:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-14 10:17 - 2016-02-23 22:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-14 10:17 - 2016-02-23 22:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-14 10:17 - 2016-02-23 22:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-14 10:17 - 2016-02-23 22:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-03-14 10:17 - 2016-02-23 21:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-14 10:17 - 2016-02-23 21:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-14 10:17 - 2016-02-23 21:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-14 10:17 - 2016-02-23 21:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-14 10:17 - 2016-02-23 21:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-14 10:17 - 2016-02-23 21:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-14 10:17 - 2016-02-23 21:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-14 10:17 - 2016-02-23 21:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-14 10:17 - 2016-02-23 21:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-14 10:17 - 2016-02-23 21:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-14 10:17 - 2016-02-23 21:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-14 10:17 - 2016-02-23 21:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-14 10:17 - 2016-02-23 21:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-14 10:17 - 2016-02-23 20:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-14 10:17 - 2016-02-23 20:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-12 16:06 - 2016-03-12 16:07 - 00000000 ____D C:\Users\Ray\Desktop\Beard
2016-03-10 13:12 - 2016-03-10 13:12 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-03-09 09:00 - 2016-03-09 09:00 - 00000000 ____D C:\Users\Ray\AppData\Local\Comms
2016-03-09 08:53 - 2016-03-10 18:34 - 00000000 ____D C:\Users\Ray\AppData\Local\MicrosoftEdge
2016-03-09 08:44 - 2016-03-16 12:37 - 00000000 ___RD C:\Users\Ray\OneDrive
2016-03-09 08:44 - 2016-03-09 08:45 - 00002403 _____ C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-09 08:43 - 2016-03-09 08:43 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-03-09 08:42 - 2016-03-09 08:42 - 00000000 ____D C:\Users\Ray\AppData\Local\ActiveSync
2016-03-09 08:41 - 2016-03-09 08:41 - 00000000 ____D C:\Users\Ray\AppData\Local\Publishers
2016-03-09 08:39 - 2016-03-18 01:06 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-09 08:39 - 2016-03-16 12:42 - 00000000 ____D C:\Users\Ray\AppData\Local\Packages
2016-03-09 08:39 - 2016-03-09 08:39 - 00000258 __RSH C:\Users\Ray\ntuser.pol
2016-03-09 08:39 - 2016-03-09 08:39 - 00000020 ___SH C:\Users\Ray\ntuser.ini
2016-03-09 08:39 - 2016-03-09 08:39 - 00000000 ____D C:\Users\Ray\AppData\Local\TileDataLayer
2016-03-09 00:08 - 2016-03-09 00:08 - 00000000 _SHDL C:\Users\Default\My Documents
2016-03-09 00:08 - 2016-03-09 00:08 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-03-09 00:08 - 2016-03-09 00:08 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-03-09 00:08 - 2016-03-09 00:08 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-03-09 00:08 - 2016-03-09 00:08 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-03-09 00:08 - 2016-03-09 00:08 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-03-09 00:08 - 2016-03-09 00:08 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-03-09 00:08 - 2016-03-09 00:08 - 00000000 ____D C:\ProgramData\USOShared
2016-03-09 00:06 - 2016-03-23 09:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-09 00:06 - 2016-03-09 00:06 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-03-08 23:57 - 2016-03-23 09:42 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2016-03-08 23:57 - 2016-03-23 09:42 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2016-03-08 23:57 - 2016-03-08 23:57 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-08 23:57 - 2016-03-08 23:57 - 00000000 ____D C:\Users\Default\AppData\Roaming\Mozilla
2016-03-08 23:57 - 2016-03-08 23:57 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-03-08 23:57 - 2016-03-08 23:57 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-03-08 23:57 - 2016-03-08 23:57 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Mozilla
2016-03-08 23:57 - 2016-03-08 23:57 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-03-08 23:57 - 2016-03-08 23:57 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-03-08 23:50 - 2016-03-08 23:50 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-03-08 23:48 - 2016-03-22 22:45 - 00000000 ____D C:\Users\Ray
2016-03-08 23:48 - 2016-03-08 23:48 - 00000000 _SHDL C:\Users\Ray\My Documents
2016-03-08 23:48 - 2016-03-08 23:48 - 00000000 _SHDL C:\Users\Ray\Documents\My Videos
2016-03-08 23:48 - 2016-03-08 23:48 - 00000000 _SHDL C:\Users\Ray\Documents\My Pictures
2016-03-08 23:48 - 2016-03-08 23:48 - 00000000 _SHDL C:\Users\Ray\Documents\My Music
2016-03-08 23:45 - 2016-03-23 09:48 - 01009692 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-08 23:45 - 2016-03-08 23:45 - 00965390 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-03-08 23:43 - 2016-03-08 23:43 - 00000000 ___HD C:\ProgramData\CanonBJ
2016-03-08 23:43 - 2016-03-08 23:43 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-03-08 23:43 - 2016-03-08 23:43 - 00000000 ____D C:\Program Files\Realtek
2016-03-08 23:41 - 2015-10-29 23:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-03-08 23:39 - 2016-03-16 17:45 - 00274792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-08 23:38 - 2016-03-09 08:39 - 00000000 ___DC C:\WINDOWS\Panther
2016-03-08 23:35 - 2016-03-08 23:35 - 00000000 ____D C:\Windows.old
2016-03-08 23:34 - 2016-03-08 23:34 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-03-08 23:34 - 2016-03-08 23:34 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-03-08 23:34 - 2016-03-08 23:34 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-08 23:34 - 2016-03-08 23:34 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-03-08 23:34 - 2016-03-08 23:34 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-03-08 23:34 - 2016-03-08 23:34 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-08 23:34 - 2016-03-08 23:34 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-03-08 23:34 - 2016-03-08 23:34 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-03-08 23:34 - 2016-03-08 23:34 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-03-08 23:34 - 2016-03-08 23:34 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-08 23:34 - 2016-03-08 23:34 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-03-08 23:34 - 2016-03-08 23:34 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-08 23:34 - 2016-03-08 23:34 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-03-08 23:34 - 2016-03-08 23:34 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-03-08 23:34 - 2016-03-08 23:34 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-03-08 23:34 - 2016-03-08 23:34 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-03-08 23:34 - 2016-03-08 23:34 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-03-08 23:34 - 2016-03-08 23:34 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-03-08 23:34 - 2016-03-08 23:34 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-08 23:34 - 2016-03-08 23:34 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-08 23:34 - 2016-03-08 23:34 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-08 23:34 - 2016-03-08 23:34 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-03-08 23:34 - 2016-03-08 23:34 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-08 23:34 - 2016-03-08 23:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-03-08 23:34 - 2016-03-08 23:34 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-03-08 23:34 - 2016-03-08 23:34 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-03-08 23:34 - 2016-03-08 23:34 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-08 23:34 - 2016-03-08 23:34 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-03-08 23:34 - 2016-03-08 23:34 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-03-08 23:34 - 2016-03-08 23:34 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-03-08 23:34 - 2016-03-08 23:34 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-03-08 23:34 - 2016-03-08 23:34 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-08 23:34 - 2016-03-08 23:34 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-08 23:34 - 2016-03-08 23:34 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-03-08 23:34 - 2016-03-08 23:34 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2016-03-08 23:34 - 2016-03-08 23:34 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-03-08 23:33 - 2016-03-08 23:33 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-08 23:33 - 2016-03-08 23:33 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-08 23:33 - 2016-03-08 23:33 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-08 23:33 - 2016-03-08 23:33 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-08 23:33 - 2016-03-08 23:33 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-08 23:33 - 2016-03-08 23:33 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-03-08 23:33 - 2016-03-08 23:33 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-08 23:33 - 2016-03-08 23:33 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-03-08 23:33 - 2016-03-08 23:33 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-03-08 23:33 - 2016-03-08 23:33 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2016-03-08 23:33 - 2016-03-08 23:33 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-03-08 23:33 - 2016-03-08 23:33 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2016-03-08 23:33 - 2016-03-08 23:33 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2016-03-08 23:33 - 2016-03-08 23:33 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-08 23:33 - 2016-03-08 23:33 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2016-03-08 23:33 - 2016-03-08 23:33 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2016-03-08 23:29 - 2016-03-08 23:29 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-03-08 23:22 - 2016-03-08 23:22 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2016-03-08 23:22 - 2016-03-08 23:22 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-03-08 23:22 - 2016-03-08 23:22 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-03-08 23:22 - 2016-03-08 23:22 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-03-08 23:22 - 2016-03-08 23:22 - 00000000 ____D C:\Program Files\MSBuild
2016-03-08 23:22 - 2016-03-08 23:22 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-03-08 23:22 - 2016-03-08 23:22 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-03-08 23:22 - 2016-03-08 23:22 - 00000000 ____D C:\inetpub
2016-03-08 23:21 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-03-08 23:21 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-03-08 23:21 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-03-08 23:21 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-03-08 23:21 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-03-08 23:21 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-03-08 23:12 - 2016-03-08 23:12 - 00008212 _____ C:\WINDOWS\mfebcdata
2016-03-08 23:01 - 2016-03-09 00:07 - 00010449 _____ C:\WINDOWS\diagerr.xml
2016-03-08 23:01 - 2016-03-09 00:07 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2016-02-29 22:08 - 2016-02-29 22:08 - 00065024 _____ C:\Users\Ray\Documents\Yelp! On Fix-it Fast.wps
2016-02-29 22:06 - 2016-02-29 22:08 - 00096768 _____ C:\Users\Ray\Documents\Fishin' check list 2016.wps
2016-02-26 11:58 - 2016-02-26 11:58 - 00000000 ____D C:\Users\Ray\AppData\Roaming\EurekaLog
2016-02-26 09:56 - 2016-02-26 13:18 - 00000000 ____D C:\Program Files (x86)\Itibiti Soft Phone
2016-02-26 09:56 - 2016-02-26 09:56 - 00000000 ____D C:\Users\Ray\AppData\Roaming\Itibiti
2016-02-26 09:55 - 2016-02-26 11:12 - 00000000 ____D C:\ProgramData\Service1291
2016-02-26 09:55 - 2016-02-26 09:55 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2016-02-23 19:36 - 2016-03-16 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OURLINK USB Wireless LAN Utility
2016-02-23 19:24 - 2016-02-27 08:20 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-02-23 19:24 - 2016-02-23 19:36 - 00002248 _____ C:\Users\Public\Desktop\OURLINK USB Wireless LAN Utility.lnk
2016-02-23 19:24 - 2015-05-07 00:39 - 03664600 ____R (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlanu.sys
2016-02-23 19:24 - 2012-02-14 19:37 - 00594432 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\system32\Rtlihvs.dll
2016-02-23 19:23 - 2016-02-27 08:21 - 00000000 ____D C:\Program Files (x86)\OURLINK
2016-02-23 19:23 - 2015-03-03 12:32 - 00456560 _____ (Realtek) C:\WINDOWS\SwUSB.exe
2016-02-23 19:23 - 2014-12-12 17:24 - 00044760 _____ () C:\WINDOWS\runSW.exe
2016-02-23 19:23 - 2012-02-14 19:37 - 00594432 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\SysWOW64\Rtlihvs.dll
2016-02-23 19:23 - 2010-12-01 09:31 - 00451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe
2016-02-23 19:23 - 2009-03-31 14:31 - 00380928 _____ (Realtek) C:\WINDOWS\RtlUI2.exe
2016-02-23 19:23 - 2009-01-05 20:31 - 00000901 _____ C:\WINDOWS\RtlUI2.exe.manifest
2016-02-23 19:23 - 2007-04-26 14:05 - 00100000 _____ C:\WINDOWS\SysWOW64\EAPPkt9x.VXD
2016-02-23 19:23 - 2001-09-26 11:03 - 00012981 _____ C:\WINDOWS\SysWOW64\REALPKT.VXD
2016-02-23 18:26 - 2016-02-23 18:26 - 00000018 _____ C:\Users\Ray\Documents\Blacklist Vendors.txt
2016-02-23 02:47 - 2016-03-08 23:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-02-23 02:47 - 2016-02-23 02:47 - 00001966 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-02-22 23:55 - 2016-02-22 23:55 - 00014848 _____ C:\Users\Ray\Documents\clear jel.wps

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-23 12:21 - 2016-01-12 08:49 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-23 12:21 - 2015-01-28 14:05 - 00000900 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001UA.job
2016-03-23 12:15 - 2013-07-23 14:27 - 00000898 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-23 11:44 - 2015-06-18 13:33 - 00000910 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001UA.job
2016-03-23 09:55 - 2015-10-29 23:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-23 09:55 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-23 09:48 - 2015-10-29 23:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-23 09:46 - 2014-02-12 14:47 - 00000000 ___RD C:\Users\Ray\Dropbox
2016-03-23 09:46 - 2014-02-12 14:45 - 00000000 ____D C:\Users\Ray\AppData\Roaming\Dropbox
2016-03-23 09:43 - 2013-07-23 14:27 - 00000894 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-23 09:42 - 2010-06-02 15:47 - 00000000 ____D C:\Users\Ray\AppData\Local\SoftThinks
2016-03-23 09:42 - 2010-05-24 04:28 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2016-03-23 09:41 - 2015-03-17 21:02 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-23 09:41 - 2014-01-11 11:36 - 712133511 _____ C:\WINDOWS\MEMORY.DMP
2016-03-23 01:21 - 2015-01-28 14:05 - 00000848 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001Core.job
2016-03-22 21:44 - 2015-06-18 13:33 - 00000858 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001Core.job
2016-03-22 21:37 - 2015-10-29 22:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-22 21:16 - 2014-08-17 12:19 - 00003111 _____ C:\Users\Ray\Desktop\pwd.txt
2016-03-22 19:28 - 2015-08-29 18:42 - 00095744 _____ C:\Users\Ray\Documents\investments 8-30-15.xls
2016-03-22 17:15 - 2015-10-29 23:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-20 23:12 - 2013-09-06 09:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-17 13:42 - 2016-01-11 16:43 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-03-16 23:05 - 2010-07-02 13:37 - 00016096 _____ C:\Users\Ray\AppData\Roaming\wklnhst.dat
2016-03-16 22:27 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-03-16 17:44 - 2015-10-29 23:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-16 17:44 - 2015-10-29 23:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-16 17:44 - 2015-10-29 23:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-16 17:44 - 2015-10-29 23:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-16 17:04 - 2013-07-31 02:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-16 16:53 - 2010-06-02 17:50 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-16 14:24 - 2015-11-07 08:53 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-16 14:22 - 2016-01-12 08:49 - 00003804 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-03-16 12:57 - 2015-10-30 01:07 - 00000000 ____D C:\WINDOWS\ShellNew
2016-03-16 12:57 - 2015-10-30 01:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-16 12:57 - 2015-10-29 23:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-16 12:57 - 2015-10-29 23:24 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-03-16 12:57 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-16 12:57 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\system32\setup
2016-03-16 12:57 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-03-16 12:57 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-03-16 12:57 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-03-16 12:57 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-03-16 12:57 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-03-16 12:57 - 2015-10-29 22:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-03-16 12:57 - 2015-10-29 22:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-16 12:57 - 2015-10-29 22:28 - 00000000 ____D C:\WINDOWS\servicing
2016-03-16 12:56 - 2016-01-11 16:43 - 00000000 ____D C:\ProgramData\FitbitConnect
2016-03-16 12:56 - 2014-11-18 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-16 12:56 - 2013-10-20 23:22 - 00000000 ____D C:\ProgramData\Oracle
2016-03-16 12:56 - 2012-07-14 09:26 - 00000000 ____D C:\Users\Ray\AppData\LocalLow\Conduit
2016-03-16 12:56 - 2012-04-19 16:04 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2016-03-16 12:56 - 2011-01-25 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rock Software
2016-03-16 12:56 - 2010-06-22 21:00 - 00000000 ____D C:\Users\Ray\AppData\Roaming\IrfanView
2016-03-16 12:56 - 2010-05-24 04:23 - 00000000 ____D C:\Program Files (x86)\Java
2016-03-16 12:48 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\registration
2016-03-16 12:42 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-03-15 20:22 - 2010-07-21 14:07 - 00000000 ____D C:\Users\Public\Documents\stuff
2016-03-14 10:31 - 2015-09-16 12:18 - 00000000 ____D C:\Users\Ray\.oracle_jre_usage
2016-03-09 08:58 - 2015-10-29 23:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-03-09 08:40 - 2015-10-29 23:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-09 08:40 - 2015-10-29 23:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-03-09 08:40 - 2015-10-29 23:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-03-09 08:40 - 2015-10-29 23:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-03-09 00:09 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\rescache
2016-03-09 00:08 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-03-09 00:08 - 2015-10-29 23:24 - 00000000 ____D C:\ProgramData\USOPrivate
2016-03-09 00:08 - 2015-10-29 22:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-09 00:07 - 2015-06-18 13:33 - 00003986 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001UA
2016-03-09 00:07 - 2015-06-18 13:33 - 00003590 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001Core
2016-03-09 00:07 - 2015-01-28 14:05 - 00003976 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001UA
2016-03-09 00:07 - 2015-01-28 14:05 - 00003580 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001Core
2016-03-09 00:07 - 2014-11-18 19:12 - 00003434 _____ C:\WINDOWS\System32\Tasks\{A803781C-A324-4234-A861-E1318D6E3E7D}
2016-03-09 00:07 - 2014-04-10 02:26 - 00003510 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1556054694-2950829292-1133922799-1001
2016-03-09 00:07 - 2013-11-26 09:23 - 00003488 _____ C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1556054694-2950829292-1133922799-1001
2016-03-09 00:07 - 2013-07-23 14:27 - 00004004 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-03-09 00:07 - 2013-05-22 19:27 - 00003530 _____ C:\WINDOWS\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1556054694-2950829292-1133922799-1001
2016-03-09 00:07 - 2012-12-13 03:34 - 00003488 _____ C:\WINDOWS\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1556054694-2950829292-1133922799-1001
2016-03-09 00:07 - 2012-09-24 21:22 - 00003274 _____ C:\WINDOWS\System32\Tasks\{809A0393-7442-41D6-AB89-70B3DFA92912}
2016-03-09 00:07 - 2011-12-09 14:30 - 00003408 _____ C:\WINDOWS\System32\Tasks\{CA21B1D0-8C79-4D49-9EE2-F69D2A5B6D47}
2016-03-09 00:07 - 2010-12-16 22:08 - 00003264 _____ C:\WINDOWS\System32\Tasks\{C3A433A7-9CD8-48D2-B2E2-A92A30E88320}
2016-03-09 00:06 - 2015-10-29 23:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-03-09 00:06 - 2015-03-18 10:22 - 00003258 _____ C:\WINDOWS\System32\Tasks\CLMLSvc
2016-03-09 00:06 - 2015-03-17 20:52 - 00003292 _____ C:\WINDOWS\System32\Tasks\{59B46DBB-9456-464F-B99F-903BB2C19C52}
2016-03-09 00:06 - 2015-01-14 03:32 - 00003996 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-03-09 00:06 - 2014-04-10 02:26 - 00003372 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1556054694-2950829292-1133922799-1001
2016-03-09 00:06 - 2013-11-26 09:24 - 00003350 _____ C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1556054694-2950829292-1133922799-1001
2016-03-09 00:06 - 2013-07-23 14:27 - 00003752 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-03-09 00:06 - 2012-12-13 03:34 - 00003350 _____ C:\WINDOWS\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1556054694-2950829292-1133922799-1001
2016-03-09 00:02 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\system32\spool
2016-03-08 23:58 - 2016-01-20 22:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TablEdit
2016-03-08 23:58 - 2016-01-18 23:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon
2016-03-08 23:58 - 2016-01-11 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fitbit Connect
2016-03-08 23:58 - 2015-12-15 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-03-08 23:58 - 2015-10-29 23:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-03-08 23:58 - 2015-08-12 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2016-03-08 23:58 - 2015-03-25 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Pro Edition 5.5
2016-03-08 23:58 - 2015-03-25 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Dynamic Disk Manager
2016-03-08 23:58 - 2015-03-18 11:48 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 14
2016-03-08 23:58 - 2015-03-18 10:17 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2016-03-08 23:58 - 2015-03-17 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-03-08 23:58 - 2015-03-04 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-03-08 23:58 - 2015-03-02 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest
2016-03-08 23:58 - 2014-10-22 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2016-03-08 23:58 - 2014-09-14 10:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-03-08 23:58 - 2014-06-27 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-08 23:58 - 2014-06-22 15:26 - 00000000 ____D C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ChessGenius Classic
2016-03-08 23:58 - 2014-06-22 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChessGenius Classic
2016-03-08 23:58 - 2014-05-12 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2016-03-08 23:58 - 2013-08-19 15:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-03-08 23:58 - 2013-05-22 08:07 - 00000000 ____D C:\Program Files\My Dell
2016-03-08 23:58 - 2013-05-06 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Musician Training Center
2016-03-08 23:58 - 2013-01-24 03:42 - 00000000 ____D C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2016-03-08 23:58 - 2013-01-24 00:04 - 00000000 ____D C:\Program Files\Dell Support Center
2016-03-08 23:58 - 2012-09-18 06:53 - 00000000 ____D C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2016-03-08 23:58 - 2012-09-18 06:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2016-03-08 23:58 - 2012-09-16 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2016-03-08 23:58 - 2012-03-30 07:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Identifier
2016-03-08 23:58 - 2011-08-12 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Pro9000 Mark II series User Registration
2016-03-08 23:58 - 2011-08-12 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Pro9000 Mark II series Manual
2016-03-08 23:58 - 2011-08-12 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Pro9000 II series
2016-03-08 23:58 - 2011-06-22 08:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Ghost
2016-03-08 23:58 - 2010-11-09 07:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dvd-cloner
2016-03-08 23:58 - 2010-10-30 09:09 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2016-03-08 23:58 - 2010-10-30 09:09 - 00000000 ____D C:\WINDOWS\en
2016-03-08 23:58 - 2010-08-30 09:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
2016-03-08 23:58 - 2010-06-22 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2016-03-08 23:58 - 2010-06-03 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Print Creations
2016-03-08 23:58 - 2010-06-03 15:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoImpression 6
2016-03-08 23:58 - 2010-06-03 15:16 - 00000000 ____D C:\WINDOWS\SysWOW64\PhotoImpression Slideshow
2016-03-08 23:58 - 2010-06-03 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2016-03-08 23:58 - 2010-06-03 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio
2016-03-08 23:58 - 2010-05-24 04:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell DataSafe
2016-03-08 23:58 - 2010-05-24 04:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2016-03-08 23:58 - 2010-05-24 04:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2016-03-08 23:58 - 2010-05-24 04:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager
2016-03-08 23:57 - 2009-07-13 19:20 - 00000000 ____D C:\Users\Default.migrated
2016-03-08 23:53 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-03-08 23:53 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-03-08 23:53 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-03-08 23:53 - 2015-03-09 17:34 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2016-03-08 23:53 - 2012-02-17 10:13 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2016-03-08 23:53 - 2011-03-05 17:56 - 00000000 ____D C:\WINDOWS\system32\SPReview
2016-03-08 23:53 - 2010-05-24 06:18 - 00000000 ____D C:\WINDOWS\SysWOW64\x64
2016-03-08 23:53 - 2010-05-24 06:18 - 00000000 ____D C:\WINDOWS\SysWOW64\Lang
2016-03-08 23:52 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-03-08 23:52 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\system32\IME
2016-03-08 23:52 - 2011-03-05 17:55 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2016-03-08 23:51 - 2015-10-29 23:24 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-03-08 23:51 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\schemas
2016-03-08 23:51 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\Resources
2016-03-08 23:51 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-03-08 23:51 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\IME
2016-03-08 23:51 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\Help
2016-03-08 23:51 - 2015-07-27 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VOX
2016-03-08 23:51 - 2015-07-05 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SereneScreen
2016-03-08 23:51 - 2015-05-05 02:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-03-08 23:51 - 2015-03-17 20:54 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-03-08 23:51 - 2015-03-15 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty
2016-03-08 23:51 - 2013-03-23 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phantom EFX
2016-03-08 23:51 - 2012-12-01 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2016-03-08 23:51 - 2012-09-24 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseTips
2016-03-08 23:51 - 2011-08-12 09:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-03-08 23:51 - 2011-08-12 09:54 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2016-03-08 23:51 - 2010-07-21 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft
2016-03-08 23:51 - 2010-05-24 04:40 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-03-08 23:51 - 2009-07-13 23:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-03-08 23:50 - 2015-10-29 23:24 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-03-08 23:50 - 2015-10-29 23:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-03-08 23:50 - 2015-03-17 20:52 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-08 23:50 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Microsoft Games
2016-03-08 23:50 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\DVD Maker
2016-03-08 23:50 - 2009-07-13 19:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-03-08 23:49 - 2015-10-01 18:21 - 00000000 ____D C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firetrust
2016-03-08 23:49 - 2015-03-19 10:30 - 00000000 ____D C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BUFFALO
2016-03-08 23:49 - 2010-08-03 17:13 - 00000000 ____D C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2016-03-08 23:39 - 2015-10-30 01:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-03-08 23:38 - 2015-10-29 23:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-03-08 23:35 - 2015-10-29 23:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-03-08 23:35 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-08 23:35 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-08 23:35 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-08 23:35 - 2015-10-29 22:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-08 23:22 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-03-08 23:22 - 2015-10-29 23:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-03-08 23:22 - 2015-10-29 23:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2016-03-08 23:22 - 2015-10-29 23:19 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2016-03-08 23:22 - 2015-10-29 23:19 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2016-03-08 23:22 - 2015-10-29 23:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2016-03-08 23:22 - 2015-10-29 23:19 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2016-03-08 23:22 - 2015-10-29 23:19 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2016-03-08 23:22 - 2015-10-29 23:19 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2016-03-08 23:22 - 2015-10-29 23:19 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2016-03-08 23:22 - 2015-10-29 23:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2016-03-08 23:22 - 2015-10-29 23:19 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2016-03-08 23:22 - 2015-10-29 23:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2016-03-08 23:22 - 2015-10-29 23:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2016-03-08 23:22 - 2015-10-29 23:19 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2016-03-08 23:22 - 2015-10-29 23:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2016-03-08 23:22 - 2015-10-29 23:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2016-03-08 23:22 - 2015-10-29 23:19 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2016-03-08 23:22 - 2015-10-29 23:18 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-03-08 23:22 - 2015-10-29 23:18 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-03-08 23:22 - 2015-10-29 23:18 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-03-08 23:22 - 2015-10-29 23:18 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-03-08 23:22 - 2015-10-29 23:18 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-03-08 23:22 - 2015-10-29 23:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-03-08 23:22 - 2015-10-29 23:18 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-03-08 23:22 - 2015-10-29 23:18 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-03-08 23:22 - 2015-10-29 23:18 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-03-08 23:22 - 2015-10-29 23:18 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-03-08 23:22 - 2015-10-29 23:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-03-08 23:22 - 2015-10-29 23:18 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-03-08 23:22 - 2015-10-29 23:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-03-08 23:22 - 2015-10-29 23:18 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-03-08 23:22 - 2015-10-29 23:18 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-03-08 23:22 - 2015-10-29 23:18 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-03-08 23:22 - 2015-10-29 23:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-03-08 23:22 - 2015-10-29 23:18 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-03-08 23:22 - 2015-10-29 23:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-03-08 23:22 - 2015-10-29 23:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-03-08 23:22 - 2015-10-29 23:18 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-03-08 23:06 - 2009-07-13 20:45 - 00022464 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-08 23:06 - 2009-07-13 20:45 - 00022464 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-08 23:02 - 2015-10-30 01:42 - 00000000 ___HD C:\$WINDOWS.~BT
2016-03-07 23:12 - 2015-10-29 23:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-07 23:12 - 2015-10-29 23:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-05 17:35 - 2015-02-15 15:05 - 00004314 _____ C:\Users\Ray\AppData\Roaming\LTspiceIV.ini
2016-02-29 21:18 - 2015-08-14 11:54 - 00419840 ___SH C:\Users\Ray\Desktop\Thumbs.db
2016-02-27 08:27 - 2016-01-18 23:49 - 00000000 ____D C:\ProgramData\Canon
2016-02-27 08:27 - 2016-01-18 21:35 - 00000000 ____D C:\Users\Ray\Desktop\Tor Browser
2016-02-27 08:27 - 2015-12-19 18:00 - 00000000 ____D C:\Users\Ray\Desktop\Tamales
2016-02-27 08:27 - 2015-11-21 17:04 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-02-27 08:27 - 2015-09-12 09:35 - 00000000 ____D C:\Users\Ray\Downloads\Inspiron mini 10 Enter BIOS Setup - SOLVED - General Hardware - Laptop - Dell Community_files
2016-02-27 08:27 - 2015-08-12 23:45 - 00000000 ____D C:\Program Files (x86)\Windows Phone
2016-02-27 08:27 - 2015-03-25 11:21 - 00000000 ____D C:\Users\Ray\Downloads\DM_ProDemo
2016-02-27 08:27 - 2015-03-18 11:44 - 00000000 ____D C:\Users\Ray\Desktop\Cyberlink Downloads
2016-02-27 08:27 - 2014-06-27 18:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-27 08:27 - 2014-01-05 18:40 - 00000000 ____D C:\Users\Ray\Downloads\How to Remove Spyware Remove Almost All Infections (Free!)_files
2016-02-27 08:27 - 2013-12-08 11:27 - 00000000 ____D C:\Users\Ray\Desktop\Chess
2016-02-27 08:27 - 2013-03-21 17:02 - 00000000 ____D C:\Users\Ray\Downloads\131-141Section10-Part1.p65 - 191-196_Sec10_Part11.pdf_files
2016-02-27 08:27 - 2012-11-12 18:23 - 00000000 ____D C:\Users\Ray\Downloads\store-locator.do_files
2016-02-27 08:27 - 2012-09-24 20:59 - 00000000 ____D C:\Users\Ray\Documents\RingtoneMaker_Portable
2016-02-27 08:27 - 2012-09-22 06:23 - 00000000 ____D C:\Users\Ray\Desktop\Old Firefox Data
2016-02-27 08:27 - 2012-09-13 13:20 - 00000000 ____D C:\Users\Ray\Downloads\xmsdsk
2016-02-27 08:27 - 2012-09-10 20:06 - 00000000 ____D C:\Users\Ray\Desktop\DOS 6.22
2016-02-27 08:27 - 2012-09-10 17:07 - 00000000 ____D C:\Users\Ray\Desktop\Ghost 2003
2016-02-27 08:27 - 2012-09-10 08:53 - 00000000 ____D C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
2016-02-27 08:27 - 2012-08-31 07:02 - 00000000 ____D C:\Users\Ray\Downloads\boarding pass_files
2016-02-27 08:27 - 2012-07-14 09:27 - 00000000 ____D C:\Program Files (x86)\Vuze
2016-02-27 08:27 - 2012-07-11 10:06 - 00000000 ____D C:\Users\Ray\Documents\dnschanger-stinger[1]
2016-02-27 08:27 - 2012-07-07 09:38 - 00000000 ____D C:\Program Files (x86)\stinger
2016-02-27 08:27 - 2012-03-20 21:31 - 00000000 ____D C:\Users\Ray\Documents\VLC
2016-02-27 08:27 - 2012-02-19 12:18 - 00000000 ____D C:\Users\Ray\Downloads\hey-good-lookin-593_files
2016-02-27 08:27 - 2011-12-13 22:37 - 00000000 ____D C:\Users\Ray\Desktop\My Photos
2016-02-27 08:27 - 2011-11-03 20:57 - 00000000 ____D C:\Users\Ray\Desktop\Kingston Thumb
2016-02-27 08:27 - 2011-08-24 18:45 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-02-27 08:27 - 2010-06-22 21:00 - 00000000 ____D C:\Program Files (x86)\IrfanView
2016-02-27 08:27 - 2010-06-02 20:16 - 00000000 ____D C:\Users\Ray\Desktop\2 gb lexar flash
2016-02-27 08:27 - 2010-06-02 15:51 - 00000000 ____D C:\Users\Ray\AppData\Local\Stardock_Corporation
2016-02-27 08:27 - 2010-05-24 04:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2016-02-27 08:26 - 2015-06-29 12:44 - 00000000 ____D C:\Program Files (x86)\Anki
2016-02-27 08:26 - 2015-03-25 20:54 - 00000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant Pro Edition 5.5
2016-02-27 08:26 - 2015-03-25 17:55 - 00000000 ____D C:\Program Files (x86)\AOMEI DDM Pro Edition
2016-02-27 08:26 - 2014-05-12 15:02 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2016-02-27 08:26 - 2014-02-05 16:39 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-02-27 08:26 - 2012-09-16 12:24 - 00000000 ____D C:\Program Files (x86)\Handbrake
2016-02-27 08:26 - 2010-11-09 07:53 - 00000000 ____D C:\Program Files (x86)\Dvd-cloner
2016-02-27 08:26 - 2010-08-30 09:02 - 00000000 ____D C:\Program Files (x86)\Coupons
2016-02-27 08:26 - 2010-05-24 04:28 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Online
2016-02-27 08:21 - 2010-05-24 04:24 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-02-23 00:16 - 2010-06-08 16:47 - 00000000 ____D C:\Users\Ray\AppData\Local\ElevatedDiagnostics

==================== Files in the root of some directories =======

2015-02-15 15:05 - 2016-03-05 17:35 - 0004314 _____ () C:\Users\Ray\AppData\Roaming\LTspiceIV.ini
2010-07-02 13:37 - 2016-03-16 23:05 - 0016096 _____ () C:\Users\Ray\AppData\Roaming\wklnhst.dat
2011-01-01 13:36 - 2015-10-09 11:11 - 0019456 _____ () C:\Users\Ray\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-01 20:00 - 2014-04-11 17:17 - 0007615 _____ () C:\Users\Ray\AppData\Local\Resmon.ResmonCfg
2010-07-21 15:01 - 2010-07-21 15:01 - 0000040 ___SH () C:\ProgramData\.zreglib
2013-07-18 08:26 - 2013-07-18 08:27 - 0000019 _____ () C:\ProgramData\IpAndPort.fig

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-21 22:48

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Ray (2016-03-23 12:41:19)
Running from C:\Users\Ray\Desktop
Windows 10 Home Version 1511 (X64) (2016-03-09 16:39:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1556054694-2950829292-1133922799-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1556054694-2950829292-1133922799-503 - Limited - Disabled)
Guest (S-1-5-21-1556054694-2950829292-1133922799-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1556054694-2950829292-1133922799-1005 - Limited - Enabled)
Ray (S-1-5-21-1556054694-2950829292-1133922799-1001 - Administrator - Enabled) => C:\Users\Ray
steal (S-1-5-21-1556054694-2950829292-1133922799-1007 - Limited - Enabled) => C:\Users\steal.DELL-560

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\Amazon Kindle) (Version: 1.13.1.42052 - Amazon)
Anki (HKLM-x32\...\Anki) (Version: - )
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.9.0 - SlySoft)
AOMEI Dynamic Disk Manager Pro Edition (HKLM-x32\...\AOMEI Dynamic Disk Manager Pro Edition_is1) (Version: - AOMEI Technology Co., Ltd.)
AOMEI Partition Assistant Pro Edition 5.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-5498165BF300}_is1) (Version: - AOMEI Technology Co., Ltd.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoImpression 6 (HKLM-x32\...\{D03E7B00-CA85-4684-9321-1888873C34BD}) (Version: 6 - ArcSoft)
ArcSoft Print Creations (HKLM-x32\...\{0D6D96F4-0CAF-4522-B05F-70A88EDECDFD}) (Version: - ArcSoft)
AVS Ringtone Maker version 1.6 (HKLM-x32\...\AVS Ringtone Maker 1.6_is1) (Version: - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
Bing Bar (HKLM-x32\...\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}) (Version: 7.0.609.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BUFFALO TurboUSB for FLASH/HDD (HKLM-x32\...\UN130128) (Version: - )
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data (HKLM-x32\...\Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data) (Version: - )
Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data (HKLM-x32\...\Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data) (Version: - )
Canon LBP6030 6040 6018L Uninstaller (HKLM\...\Canon LBP6030 6040 6018L) (Version: 6, 1, 0, 0 - Canon Inc.)
Canon Pro9000 II series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_Pro9000_II_series) (Version: - )
Canon Pro9000 Mark II series User Registration (HKLM-x32\...\Canon Pro9000 Mark II series User Registration) (Version: - )
Canon Utilities Easy-PhotoPrint Pro (HKLM-x32\...\Easy-PhotoPrint Pro) (Version: - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
ChessGenius Classic (HKLM-x32\...\ChessGenius Classic) (Version: - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)
CyberLink InstantBurn 5 (HKLM-x32\...\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}) (Version: 5.0.9109Uninstall-WHCK - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.4218 - CyberLink Corp.)
CyberLink MediaShow 6 (HKLM-x32\...\InstallShield_{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}) (Version: 6.0.4521 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3328a - CyberLink Corp.)
CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.9729 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.4707 - CyberLink Corp.)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4704.58 - CyberLink Corp.)
CyberLink PowerProducer 5.5 (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.5.3.4327 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAPlayer 1.0.1.8 (HKLM-x32\...\DAPlayer_is1) (Version: - Digiarty Software,Inc.)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0009 - Dell, Inc.)
Dell Dock (HKLM-x32\...\Dell Dock) (Version: - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell System Detect - 1 (HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\73f463568823ebbe) (Version: 5.14.0.9 - Dell)
Dell System Detect (HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\9204f5692a8faf3b) (Version: 3.3.2.1 - Dell)
Dropbox (HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
DVD Ghost 2.62 (HKLM-x32\...\DVD Ghost 2.62_is1) (Version: - )
DVD Identifier (HKLM-x32\...\DVD Identifier_is1) (Version: 5.2.0 - Kris Schoofs)
DVD-CLONER V7.80 Build 1000 (HKLM-x32\...\DVD-CLONER VII_is1) (Version: 7.70.0.1000 - OpenCloner Inc.)
EPSON C120 User's Guide (HKLM-x32\...\Silent Package Run-Time Sample) (Version: - )
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
Fitbit Connect (HKLM-x32\...\{6EB73D9D-645E-415B-8008-83C3CB865968}) (Version: 2.0.1.6742 - Fitbit Inc.)
Free MP3 Cutter and Editor 2.6 (HKLM-x32\...\Free MP3 Cutter and Editor_is1) (Version: - musetips.com)
Fresco Logic USB3.0 Host Controller (HKLM\...\{B25A87F2-EA64-4C60-9989-6442FFFAD5E2}) (Version: 3.5.100.0 - Fresco Logic Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version: - )
HandBrake 0.9.6 (HKLM-x32\...\HandBrake) (Version: 0.9.6 - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2202 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
JamVOX (HKLM\...\{9BB301D9-C617-43DF-8CA1-AB1F63F64D51}) (Version: 3.03.0 - Korg Inc.)
JamVOX USB Driver (HKLM\...\JamVOX USB Driver) (Version: 2.00 - VOX)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LTspice IV (HKLM-x32\...\LTspice IV) (Version: - )
MailWasher (HKLM-x32\...\{8D4426EF-E37B-4B1B-B061-546D7172C67D}) (Version: 7.5 - Firetrust)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Agent (HKLM-x32\...\{AA951B10-7089-4D60-B288-516E641F48E6}) (Version: 4.0.0.1496 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.292.3 - McAfee, Inc.)
McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 6.0.0.0 - McAfee, Inc.)
McAfee VirusScan Enterprise (HKLM-x32\...\{147BCE03-C0F1-4C9F-8157-6A89B6D2D973}) (Version: 8.7.0 - McAfee, Inc.)
Micrologus Musician Training Center 1.8.1.9 (HKLM-x32\...\Micrologus_Musician_Training_Center_is1) (Version: 1.8.1.9 - Micrologus.com)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM-x32\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 45.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 45.0.1 (x64 en-US)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.3.6261.27 - PC-Doctor, Inc.)
MysticForest (HKLM-x32\...\{2AAFE1D7-9066-4183-B267-0398A3533E88}) (Version: 1.00.0000 - Phantom EFX)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Online Games Manager v1.30 (HKLM-x32\...\Online Games Manager) (Version: 1.30.14 - Real Networks, Inc.)
OURLINK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0265 - )
PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1045.0 - Passmark Software)
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.6029 - CyberLink Corp.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5963 - Realtek Semiconductor Corp.)
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4036 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TablEdit 2.75 (HKLM-x32\...\TablEdit Demo_is1) (Version: - TablEdit)
Virtual Fretboard (HKLM-x32\...\Virtual Fretboard) (Version: - )
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 4.7 - Vuze Inc.)
Widevine Media Optimizer IE 6.0.0 (HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\optimizer_ie) (Version: 6.0.0.12757 - Widevine Technologies)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{5F71448B-88EB-4357-9A98-8658D4C49C48}) (Version: 1.1.2726.0 - Microsoft Corporation)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Ray\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FB07D01-E8A0-42F4-B3E5-B8F1CC3BBCFD} - System32\Tasks\{59B46DBB-9456-464F-B99F-903BB2C19C52} => pcalua.exe -a D:\Driver\7_VISTA\275.33-desktop-win7-winvista-64bit-international-whql.exe
Task: {12820766-9C9E-452D-8E80-6E27CDD263FA} - \PCDEventLauncherTask -> No File <==== ATTENTION
Task: {1684F6E7-C192-4B03-AFCF-CB35BA1E5DFC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {176F912C-0935-48F5-88CE-3DC23F9A1C79} - \SystemToolsDailyTest -> No File <==== ATTENTION
Task: {1E018890-FF0A-4B7C-A8E5-8C753D50A45B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {20A1B711-D38D-4C31-9E7E-220DBD08DE57} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {218098AD-204A-4BF8-A211-A98F413E7453} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1556054694-2950829292-1133922799-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {2349A970-A2F4-450A-9954-646A0DBBCAD9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {255731CE-CEE8-4F82-8ECE-7E5512D6BF20} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {281379F8-D4D7-4298-9350-E018C123FEA3} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {2AEF5EE1-E7A4-43D4-8E56-E6CFD21610C6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {31BC5EFE-32ED-4E6B-8B55-D0F1E8086D2C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {34CAAF2F-6FA6-4D77-BE13-8F50E4DC2789} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {40F0DBA1-1E15-4783-8DBB-FF8AC16BE116} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {4112DEA9-9D6C-4196-8E07-EF1BA7935E0B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {496A082A-0382-4527-B287-C284E1C3982D} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1556054694-2950829292-1133922799-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {4ECA9BFB-6AD7-48AC-899E-58EF1589EFF3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {504DEA34-B44C-4C60-BB4F-CE64CC8BD8C3} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {55383712-0181-429E-ACFF-4FE9E10F1218} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {55EF111B-A854-429C-845F-27E7402F1103} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {58B7F511-C029-4532-B7A1-67FE3BAA5A1B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {5A5F46F9-F735-44FA-B327-0457B853C0D9} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {5F472B18-A1D4-4CB3-94EC-6F563BD0B237} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {68B23F59-D249-41E3-97AC-BCAE8DD0D48F} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION
Task: {6905FDAF-2D75-4D6D-AF57-456158F75353} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {835DA673-5FB6-4C37-BB9A-CC9F87CF3658} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {87FF79E8-25C5-43D0-8A47-0F3E45DE6557} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {894EEC49-095D-45D2-8425-C06016A4AC1F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {8A2D57B5-B2FB-492B-9840-41220292A130} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8A44CD60-2FD1-4ABD-A95C-83FC134B48F4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {8D79382E-20D8-4444-B3AD-65A4D6A61FAD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8EE6E127-3EBD-4ACB-BFA2-7B5DAAC19F39} - System32\Tasks\{809A0393-7442-41D6-AB89-70B3DFA92912} => pcalua.exe -a C:\Users\Ray\Downloads\ringmake_v531.exe -d C:\Users\Ray\Downloads
Task: {9482DE9A-A470-43A5-977A-A6BD3041177E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {95F19587-6CE6-4DE2-A423-6F419B84573F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001UA => C:\Users\Ray\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {98B33ECD-3201-4B52-8998-EDD17BDEC688} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {9AC13838-9377-4674-8601-2170C438CFE5} - System32\Tasks\{A803781C-A324-4234-A861-E1318D6E3E7D} => pcalua.exe -a "C:\Users\Ray\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3AWI1X5B\jre-8u25-windows-i586 (2).com" -d C:\Users\Ray\Desktop
Task: {A3346EBC-F8B6-42D4-AF07-EA171AE8C6A6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {AFA7D8F0-7E69-4DA9-A142-3CB406A84077} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {B2F183DC-1257-47C6-BB0B-2D8EBA846848} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001UA => C:\Users\Ray\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {B51BCD91-A43E-4D37-8AA1-224570808998} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {B78F1747-F224-493D-9234-01F43F8E0993} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1556054694-2950829292-1133922799-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {B9399415-F354-4BD0-8F5C-5498B2355188} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {BCCAD97E-8572-460A-8D1C-70DCA2BEAB4A} - System32\Tasks\CLMLSvc => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2012-05-24] (CyberLink)
Task: {BE5E237E-9D7F-4059-B3EC-4E69A03F32A2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {C0C00D81-B76D-49D6-9A70-DACF6EE9850B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {C16A276A-5040-4053-94F8-42BC336F97DE} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1556054694-2950829292-1133922799-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {C7DE63D9-CF6B-457B-A8F2-3329A6ED6CEA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001Core => C:\Users\Ray\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {CA10127A-E594-4D2C-9653-8B6CE538F521} - System32\Tasks\{CA21B1D0-8C79-4D49-9EE2-F69D2A5B6D47} => pcalua.exe -a "C:\Users\Ray\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWUPE96I\BluesDemo[1].exe" -d C:\Users\Ray\Desktop
Task: {CD01F7E8-97A4-4624-BC1B-9CAD3992DC4F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001Core => C:\Users\Ray\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {CF2781AE-F090-44C6-B1F4-D13DA74BE474} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {D01E1EF7-AE0D-48E8-A464-F31CA02D0528} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => C:\Windows\System32\GWX\GWXUXWorker.exe
Task: {D5AB4995-11A2-4596-A2EB-4C0367558DC2} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1556054694-2950829292-1133922799-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {D88AF8D7-12AE-4FBE-832F-D6F129680D00} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {DD3D5AE0-80B1-46AF-9C9E-FEDF4D9DEC31} - \Express FilesUpdate -> No File <==== ATTENTION
Task: {E3F75F02-9E0B-4F0B-A7DB-F44316720E19} - System32\Tasks\{C3A433A7-9CD8-48D2-B2E2-A92A30E88320} => pcalua.exe -a C:\Users\Ray\Downloads\wincraps.exe -d C:\Users\Ray\Downloads
Task: {E4453540-9E15-498F-8D77-9B6DCD8C950A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-16] (Adobe Systems Incorporated)
Task: {E8A67BC0-C83A-4809-9D0D-7DC9DBDF825B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E93BB92A-4902-4EB2-B4A0-88896D4F61F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {EB74EA61-C5B9-4589-A9E9-4B68FA58D6BD} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1556054694-2950829292-1133922799-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {F712C740-7D75-4B0C-AF8D-888D4926ABE5} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1556054694-2950829292-1133922799-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {FF7FDDD9-5AE6-4E1D-AC41-909F265065FD} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001Core.job => C:\Users\Ray\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001UA.job => C:\Users\Ray\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001Core.job => C:\Users\Ray\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001UA.job => C:\Users\Ray\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-29 23:18 - 2015-10-29 23:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-02-23 19:23 - 2014-12-12 17:24 - 00044760 _____ () C:\Windows\runSW.exe
2015-03-18 10:20 - 2010-08-19 01:43 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2010-05-24 04:28 - 2011-08-18 07:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2016-03-08 23:34 - 2016-03-08 23:34 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-03-09 09:33 - 2016-03-09 09:34 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2012-04-24 07:13 - 2012-04-24 07:13 - 01325656 _____ () C:\Program Files (x86)\VOX\JamVOX\JVExec.exe
2009-11-13 13:15 - 2009-11-13 13:15 - 01807600 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
2009-12-15 20:14 - 2009-12-15 20:14 - 00498160 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
2014-09-29 16:51 - 2014-09-29 16:51 - 00074664 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
2016-03-17 03:40 - 2016-03-17 03:40 - 00472576 _____ () C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\da13c0c9e4484063fac7ce3ca7674b52\VistaBridgeLibrary.ni.dll
2016-03-16 14:22 - 2016-03-16 14:22 - 26727616 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll
2015-10-29 23:18 - 2015-10-29 23:18 - 00218456 _____ () c:\windows\system32\WerEtw.dll
1999-12-31 16:00 - 1999-12-31 16:00 - 02138624 _____ () C:\Users\Ray\Desktop\Tor Browser\Tor\tor.exe
2009-12-15 20:14 - 2009-12-15 20:14 - 01169904 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-02-23 19:35 - 2013-02-27 17:17 - 00221184 _____ () C:\Program Files (x86)\OURLINK\USB Wireless LAN Utility\EnumDevLib.dll
2016-03-09 09:33 - 2016-03-09 09:34 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-03-09 09:33 - 2016-03-09 09:34 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2012-05-24 20:19 - 2012-05-24 20:19 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2012-05-24 20:19 - 2012-05-24 20:19 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-07-04 17:14 - 2012-07-04 17:14 - 01842288 _____ () C:\Program Files (x86)\CyberLink\Power2Go\Language\ENU\P2GRC.dll
2011-03-09 13:21 - 2011-03-09 13:21 - 00144680 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLVistaAudioMixer.dll
2011-12-15 03:22 - 2011-12-15 03:22 - 00018432 _____ () C:\Program Files (x86)\VOX\JamVOX\jamvoxdevice.dll
2009-11-13 13:15 - 2009-11-13 13:15 - 00275696 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
2009-11-13 13:15 - 2009-11-13 13:15 - 00058608 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
2009-11-13 13:15 - 2009-11-13 13:15 - 00095472 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
2009-11-13 13:15 - 2009-11-13 13:15 - 00152816 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2009-11-13 13:15 - 2009-11-13 13:15 - 00017648 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
2015-03-18 10:17 - 2012-07-02 09:39 - 33747472 _____ () C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\res.dll
2015-03-18 11:47 - 2014-11-04 01:38 - 00867080 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\common\UNO\UNO.dll
2015-03-18 11:47 - 2013-12-09 23:39 - 00074240 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ctypes.pyd
2015-03-18 11:47 - 2013-12-09 23:39 - 00285184 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_hashlib.pyd
2015-03-18 11:48 - 2014-11-03 23:07 - 01521272 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\fdtr.dll
2015-03-18 11:47 - 2013-12-09 23:39 - 00040960 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_socket.pyd
2015-03-18 11:47 - 2013-12-09 23:39 - 00721920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ssl.pyd
2014-12-11 17:40 - 2014-12-11 17:40 - 40622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll
2015-12-10 19:27 - 2016-02-23 10:19 - 00034768 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-03-17 20:25 - 2016-02-23 10:20 - 00019408 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-03-17 20:25 - 2016-02-23 10:19 - 00116688 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-10 19:27 - 2016-02-23 10:19 - 00093640 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-10 19:27 - 2016-02-23 10:19 - 00018376 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-10 19:27 - 2016-03-11 16:18 - 00019760 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00105928 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-03-17 20:25 - 2016-02-23 10:19 - 00392144 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-10 19:27 - 2016-03-11 16:18 - 00381752 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-10 19:27 - 2016-02-23 10:19 - 00692688 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00020816 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-10 19:27 - 2016-02-23 10:20 - 00112592 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 01682760 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00020808 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-10 19:27 - 2016-03-11 16:18 - 00020800 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-10 19:27 - 2016-03-11 16:18 - 00021840 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00038696 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-03-17 20:25 - 2016-02-23 10:21 - 00020936 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00024528 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00114640 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00124880 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-19 06:21 - 2016-03-11 16:18 - 00021832 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00024016 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00175560 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00030160 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00043472 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00028616 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00048592 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00026456 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00057808 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00024016 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00117056 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00024392 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-03-17 20:25 - 2016-02-23 10:21 - 00036296 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\librsync.dll
2016-03-17 20:25 - 2016-03-11 16:18 - 00031568 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2016-03-17 20:25 - 2016-02-12 16:24 - 00293392 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2015-12-10 19:27 - 2016-03-11 16:18 - 00023376 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-10 19:27 - 2016-02-23 10:19 - 00134608 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-03-17 20:25 - 2016-02-23 10:19 - 00134088 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-03-17 20:25 - 2016-02-23 10:20 - 00240584 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00052024 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-19 06:21 - 2016-03-11 16:18 - 00020800 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-19 06:21 - 2016-03-11 16:18 - 00021824 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-19 06:21 - 2016-03-11 16:18 - 00019776 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-19 06:21 - 2016-03-11 16:18 - 00020800 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00020280 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00350152 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-19 06:21 - 2016-03-11 16:18 - 00022352 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00084792 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-03-17 20:25 - 2016-03-11 16:18 - 01826096 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-10 19:27 - 2016-02-23 10:20 - 00083912 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\sip.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 03928880 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 01971504 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00531248 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00132912 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00223544 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00207672 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00158008 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00042808 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-03-17 20:25 - 2016-02-23 10:23 - 00017864 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-03-17 20:25 - 2016-02-23 10:23 - 01631184 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-12-10 19:27 - 2016-03-11 16:18 - 00024904 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00546096 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00357680 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 13:45 - 2016-02-23 10:25 - 00697304 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-02-18 14:19 - 2015-02-18 14:19 - 00061952 _____ () C:\Program Files (x86)\Firetrust\MailWasher\MWPBridgeDLL.dll
2015-02-18 14:19 - 2015-02-18 14:19 - 04647424 _____ () C:\Program Files (x86)\Firetrust\MailWasher\MWPappDLL.dll
2014-10-12 01:41 - 2014-10-12 01:41 - 00061952 _____ () C:\Program Files (x86)\Firetrust\MailWasher\FTBridge.dll
2014-10-12 01:41 - 2014-10-12 01:41 - 00272384 _____ () C:\Program Files (x86)\Firetrust\MailWasher\FTClientNode.dll
1999-12-31 16:00 - 1999-12-31 16:00 - 00510788 _____ () C:\Users\Ray\Desktop\Tor Browser\Tor\libevent-2-0-5.dll
1999-12-31 16:00 - 1999-12-31 16:00 - 00090112 _____ () C:\Users\Ray\Desktop\Tor Browser\Tor\zlib1.dll
1999-12-31 16:00 - 1999-12-31 16:00 - 00104451 _____ () C:\Users\Ray\Desktop\Tor Browser\Tor\libssp-0.dll
2009-12-15 20:13 - 2009-12-15 20:13 - 00588272 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\BBEngineAS.dll
2009-11-15 20:58 - 2009-11-15 20:58 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\internet -> internet
IE trusted site: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\mcafee.com -> hxxp://mcafee.com
IE trusted site: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\mcafee.com -> hxxps://mcafee.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2016-02-23 02:47 - 00000862 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.1 mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Dell\Win7 PURPLE 1920x1200.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: lfsvc => 3

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{11D67EAF-F737-49F4-AF90-50F4E5E8BA1F}] => (Allow) C:\Program Files (x86)\OURLINK\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{A42E445E-0627-4D00-B41E-011BCBC8FE15}] => (Allow) C:\Program Files (x86)\OURLINK\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{9E939A99-5436-4E6D-B94D-6845A84E54BF}] => (Allow) C:\Program Files (x86)\OURLINK\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{45FF8649-5ECB-4C38-ABB0-EEA983E8B915}] => (Allow) C:\Program Files (x86)\OURLINK\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{885A2B30-D80C-4AAA-84EF-31D3D4866D74}] => (Allow) C:\PROGRA~2\OURLINK\USBWIR~1\Rtldhcp.exe
FirewallRules: [{EB55E37B-932C-44A5-8AA6-D4605A3BB6E7}] => (Allow) C:\Program Files (x86)\OURLINK\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{49096E75-38AE-4D34-A1EB-FFE35A56FB6A}] => (Allow) C:\Program Files (x86)\OURLINK\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{064018EE-C6C7-488B-BBE4-9DF5BC3329C1}] => (Allow) LPort=53
FirewallRules: [{863BF5AE-0355-4433-A7C4-24773AD58D68}] => (Allow) LPort=1542
FirewallRules: [{32739C46-F1A5-4244-AC44-7186969475FB}] => (Allow) LPort=1542
FirewallRules: [{5DF5A503-15A8-430F-90EB-529009224591}] => (Allow) C:\PROGRA~2\OURLINK\USBWIR~1\RtWlan.exe
FirewallRules: [{324AFE7D-834E-4E5F-831F-85957227239B}] => (Allow) LPort=53
FirewallRules: [{568F6149-AA87-4743-A233-B4FF11D23A44}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4A29C4DC-6BFF-441A-9676-64C381DD9503}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DAD79B1D-1B39-44C7-8950-6C5E70F062AC}] => (Allow) C:\Users\Ray\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DA3D2AC6-2F60-4EBE-9F46-D8C051EDD356}] => (Allow) C:\Users\Ray\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D12EBF44-70D1-45E6-A4BF-A390F62A9698}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{2EE909F2-44FB-4650-AE43-44109BF6DACA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{2F72FF99-B58C-4121-B3A8-77F45316594B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{42BAEA8B-59AF-41B6-81B4-57536E07C591}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{FFADF7B4-76A9-45FA-9AA4-94ADA2CD8E1A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{481CF093-4901-419A-9A99-3E16D98BBBF1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [{7DCB6A8B-6A7C-4FB3-9065-18805E91619B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0714E5D1-70A8-47E3-AA83-F35BDAFD1BA2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4A1C6362-93B8-437B-AF58-763D874F5386}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F19E123F-3B5E-4AE1-8C9B-8570E44280FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{BB77ABEE-2532-400A-8D08-81B04BD0E23B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9F4B4E7A-2E77-431B-BA29-375C0BE64FBC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [UDP Query User{EDA69184-6799-467C-AFFE-16C3EACA9CAE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{10A97A62-A06C-4F62-9BD8-C9B308AA6C08}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{39D34609-1743-446A-B2B1-FBAE1EB9C3A6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{86AD6ACE-B32D-4806-9814-A23D70DDA086}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D129A76C-B8F3-4321-9D86-85D0B3E0B259}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{C95967FA-CF35-4A7A-91BA-2B3AE95756FB}] => (Allow) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
FirewallRules: [{9E0991F4-29F8-439B-AAC9-455113275615}] => (Allow) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
FirewallRules: [UDP Query User{D6D81EE3-4982-4C3F-A91E-625056A334E7}C:\users\ray\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\ray\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [TCP Query User{FA1CD2F6-FF94-4AC1-938A-022329FA20A8}C:\users\ray\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\ray\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [UDP Query User{8FEC5B3C-6F14-4DCE-B4AD-09F478B8CD8B}C:\users\ray\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ray\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{9B65024F-7761-46EC-9FF6-81643ACD8D9B}C:\users\ray\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ray\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{16D03959-A088-47FC-82C1-E4BDBB4DCE4E}C:\users\public\phantom efx\onlinecasino\launcher\olclauncher.exe] => (Block) C:\users\public\phantom efx\onlinecasino\launcher\olclauncher.exe
FirewallRules: [TCP Query User{281FC336-849A-4CC6-B802-E98FC244676F}C:\users\public\phantom efx\onlinecasino\launcher\olclauncher.exe] => (Block) C:\users\public\phantom efx\onlinecasino\launcher\olclauncher.exe
FirewallRules: [UDP Query User{934C35DC-E32F-4B8A-8DA9-CF5B7A8B7CDA}C:\users\public\phantom efx\onlinecasino\bin\prelauncher.exe] => (Allow) C:\users\public\phantom efx\onlinecasino\bin\prelauncher.exe
FirewallRules: [TCP Query User{9A05B043-D189-466C-B713-84631E0C97C1}C:\users\public\phantom efx\onlinecasino\bin\prelauncher.exe] => (Allow) C:\users\public\phantom efx\onlinecasino\bin\prelauncher.exe
FirewallRules: [UDP Query User{B91A05DA-AF05-49B8-AF95-B28E8E55EA90}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{2D0ADA38-622B-4097-BD41-25E08DB79457}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{961CEB59-5B72-401B-B73D-3149D72B3CA5}] => (Allow) C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe
FirewallRules: [{FBCB09E8-FFB8-46ED-BA4B-D55203D88B8E}] => (Allow) C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe
FirewallRules: [{E55FA8FE-BD3D-40B3-9AA9-C2338CCA60A3}] => (Allow) C:\Program Files (x86)\ExpressFiles\expressdl.exe
FirewallRules: [{4BE415F9-3676-4CAC-A444-EB2AD100E4A5}] => (Allow) C:\Program Files (x86)\ExpressFiles\expressdl.exe
FirewallRules: [{60EFF324-99C9-481A-8351-A5A9DB30FA16}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{B60E34CB-BD38-4365-9351-6A0143CAAA1D}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [UDP Query User{FB6F9235-97BC-41E1-B856-0E1DFC20965D}C:\users\ray\appdata\roaming\xyysl\ulqauqo.exe] => (Block) C:\users\ray\appdata\roaming\xyysl\ulqauqo.exe
FirewallRules: [TCP Query User{9158D2CA-550A-42F5-8CE2-9E084B55CFF9}C:\users\ray\appdata\roaming\xyysl\ulqauqo.exe] => (Block) C:\users\ray\appdata\roaming\xyysl\ulqauqo.exe
FirewallRules: [{751025B7-2DBD-4C6E-BB4E-D0F89ED0705B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E6CABC6D-CF4B-4CCE-9421-978EBB7C20C6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{62547078-DCEB-4128-B9ED-1167CAB1FD1F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{29680462-0D04-4A91-86F3-D576624EF6F8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4D9A573B-F4DC-46B6-9AC6-EBF78E8AF96B}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{B9153F9D-2ABC-4AF0-B94E-018524FCC7F7}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{20D39DED-8DFF-4A16-BF00-A60251D9D78F}] => (Allow) LPort=1900
FirewallRules: [{F3298623-C820-4974-A80D-49DD7330344F}] => (Allow) LPort=2869
FirewallRules: [{0D06E6BC-3FE0-4DD1-A3A5-A6778D6DA77A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8338AE51-6DF6-4413-AC97-4DFDD630BE79}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{A9497C76-DC38-43C2-9FDD-3A06C5CB834D}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{0C152855-80E9-4D6B-8BCB-F787209DBB2A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E8B7A3E6-2473-400E-828D-73985F81443E}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{49862C79-42F3-423A-B477-D8B07AE799F8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
FirewallRules: [{BB0E56ED-5DC7-439F-BDD1-AE61FC876041}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PowerDVD.exe

==================== Restore Points =========================

15-03-2016 22:30:02 DCInstallRestorePoint
16-03-2016 12:36:34 Restore Operation

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/23/2016 12:42:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Faulting module name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Exception code: 0xc000041d
Fault offset: 0x00007777
Faulting process id: 0x2890
Faulting application start time: 0xRoxio Burn.exe0
Faulting application path: Roxio Burn.exe1
Faulting module path: Roxio Burn.exe2
Report Id: Roxio Burn.exe3
Faulting package full name: Roxio Burn.exe4
Faulting package-relative application ID: Roxio Burn.exe5

Error: (03/23/2016 12:42:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Faulting module name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Exception code: 0xc0000005
Fault offset: 0x00007777
Faulting process id: 0x2890
Faulting application start time: 0xRoxio Burn.exe0
Faulting application path: Roxio Burn.exe1
Faulting module path: Roxio Burn.exe2
Report Id: Roxio Burn.exe3
Faulting package full name: Roxio Burn.exe4
Faulting package-relative application ID: Roxio Burn.exe5

Error: (03/23/2016 12:42:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Faulting module name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Exception code: 0xc000041d
Fault offset: 0x00007777
Faulting process id: 0x1dcc
Faulting application start time: 0xRoxio Burn.exe0
Faulting application path: Roxio Burn.exe1
Faulting module path: Roxio Burn.exe2
Report Id: Roxio Burn.exe3
Faulting package full name: Roxio Burn.exe4
Faulting package-relative application ID: Roxio Burn.exe5

Error: (03/23/2016 12:42:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Faulting module name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Exception code: 0xc0000005
Fault offset: 0x00007777
Faulting process id: 0x1dcc
Faulting application start time: 0xRoxio Burn.exe0
Faulting application path: Roxio Burn.exe1
Faulting module path: Roxio Burn.exe2
Report Id: Roxio Burn.exe3
Faulting package full name: Roxio Burn.exe4
Faulting package-relative application ID: Roxio Burn.exe5

Error: (03/23/2016 12:42:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Faulting module name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Exception code: 0xc000041d
Fault offset: 0x00007777
Faulting process id: 0x2d70
Faulting application start time: 0xRoxio Burn.exe0
Faulting application path: Roxio Burn.exe1
Faulting module path: Roxio Burn.exe2
Report Id: Roxio Burn.exe3
Faulting package full name: Roxio Burn.exe4
Faulting package-relative application ID: Roxio Burn.exe5

Error: (03/23/2016 12:42:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Faulting module name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Exception code: 0xc0000005
Fault offset: 0x00007777
Faulting process id: 0x2d70
Faulting application start time: 0xRoxio Burn.exe0
Faulting application path: Roxio Burn.exe1
Faulting module path: Roxio Burn.exe2
Report Id: Roxio Burn.exe3
Faulting package full name: Roxio Burn.exe4
Faulting package-relative application ID: Roxio Burn.exe5

Error: (03/23/2016 12:42:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Faulting module name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Exception code: 0xc000041d
Fault offset: 0x00007777
Faulting process id: 0xec8
Faulting application start time: 0xRoxio Burn.exe0
Faulting application path: Roxio Burn.exe1
Faulting module path: Roxio Burn.exe2
Report Id: Roxio Burn.exe3
Faulting package full name: Roxio Burn.exe4
Faulting package-relative application ID: Roxio Burn.exe5

Error: (03/23/2016 12:42:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Faulting module name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Exception code: 0xc0000005
Fault offset: 0x00007777
Faulting process id: 0xec8
Faulting application start time: 0xRoxio Burn.exe0
Faulting application path: Roxio Burn.exe1
Faulting module path: Roxio Burn.exe2
Report Id: Roxio Burn.exe3
Faulting package full name: Roxio Burn.exe4
Faulting package-relative application ID: Roxio Burn.exe5

Error: (03/23/2016 12:42:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Faulting module name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Exception code: 0xc000041d
Fault offset: 0x00007777
Faulting process id: 0x2620
Faulting application start time: 0xRoxio Burn.exe0
Faulting application path: Roxio Burn.exe1
Faulting module path: Roxio Burn.exe2
Report Id: Roxio Burn.exe3
Faulting package full name: Roxio Burn.exe4
Faulting package-relative application ID: Roxio Burn.exe5

Error: (03/23/2016 12:42:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Faulting module name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Exception code: 0xc0000005
Fault offset: 0x00007777
Faulting process id: 0x2620
Faulting application start time: 0xRoxio Burn.exe0
Faulting application path: Roxio Burn.exe1
Faulting module path: Roxio Burn.exe2
Report Id: Roxio Burn.exe3
Faulting package full name: Roxio Burn.exe4
Faulting package-relative application ID: Roxio Burn.exe5


System errors:
=============
Error: (03/23/2016 09:48:39 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Downloaded Maps Manager service hung on starting.

Error: (03/23/2016 09:46:37 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service hung on starting.

Error: (03/23/2016 09:43:20 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (03/23/2016 09:42:56 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000009f (0x0000000000000003, 0xffffe0010b52a060, 0xfffff8019fc61a90, 0xffffe0010b656b40)C:\WINDOWS\MEMORY.DMP95a27338-1a45-4bdc-8e70-ad2a064793d2

Error: (03/23/2016 09:42:50 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (03/23/2016 09:42:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Realtek DHCP Service service terminated unexpectedly. It has done this 1 time(s).

Error: (03/23/2016 09:42:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NetMsmqActivator service failed to start due to the following error:
%%1053

Error: (03/23/2016 09:42:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NetPipeActivator service failed to start due to the following error:
%%1053

Error: (03/23/2016 09:42:36 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the NetPipeActivator service to connect.

Error: (03/23/2016 09:42:36 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the NetMsmqActivator service to connect.


CodeIntegrity:
===================================
Date: 2016-03-23 12:28:22.953
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-23 12:28:22.942
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-23 12:28:22.722
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-23 12:28:22.711
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-23 12:28:22.673
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-21 23:10:03.112
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-21 23:10:03.101
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-21 23:10:03.074
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-18 12:01:45.928
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-18 12:01:45.908
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core™2 Quad CPU Q9650 @ 3.00GHz
Percentage of memory in use: 49%
Total physical RAM: 8156.98 MB
Available physical RAM: 4091.86 MB
Total Virtual: 16348.98 MB
Available Virtual: 12243.61 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:289.15 GB) (Free:70.05 GB) NTFS
Drive i: (FTV) (CDROM) (Total:23.14 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 8A427EA7)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=8.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=289.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Attached Files



#4 stealth1

stealth1
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:07:32 PM

Posted 23 March 2016 - 04:24 PM

Here is my second attempt at posting the Addition.txt file:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Ray (2016-03-23 12:41:19)
Running from C:\Users\Ray\Desktop
Windows 10 Home Version 1511 (X64) (2016-03-09 16:39:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1556054694-2950829292-1133922799-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1556054694-2950829292-1133922799-503 - Limited - Disabled)
Guest (S-1-5-21-1556054694-2950829292-1133922799-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1556054694-2950829292-1133922799-1005 - Limited - Enabled)
Ray (S-1-5-21-1556054694-2950829292-1133922799-1001 - Administrator - Enabled) => C:\Users\Ray
steal (S-1-5-21-1556054694-2950829292-1133922799-1007 - Limited - Enabled) => C:\Users\steal.DELL-560

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\Amazon Kindle) (Version: 1.13.1.42052 - Amazon)
Anki (HKLM-x32\...\Anki) (Version: - )
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.9.0 - SlySoft)
AOMEI Dynamic Disk Manager Pro Edition (HKLM-x32\...\AOMEI Dynamic Disk Manager Pro Edition_is1) (Version: - AOMEI Technology Co., Ltd.)
AOMEI Partition Assistant Pro Edition 5.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-5498165BF300}_is1) (Version: - AOMEI Technology Co., Ltd.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoImpression 6 (HKLM-x32\...\{D03E7B00-CA85-4684-9321-1888873C34BD}) (Version: 6 - ArcSoft)
ArcSoft Print Creations (HKLM-x32\...\{0D6D96F4-0CAF-4522-B05F-70A88EDECDFD}) (Version: - ArcSoft)
AVS Ringtone Maker version 1.6 (HKLM-x32\...\AVS Ringtone Maker 1.6_is1) (Version: - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
Bing Bar (HKLM-x32\...\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}) (Version: 7.0.609.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BUFFALO TurboUSB for FLASH/HDD (HKLM-x32\...\UN130128) (Version: - )
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data (HKLM-x32\...\Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data) (Version: - )
Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data (HKLM-x32\...\Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data) (Version: - )
Canon LBP6030 6040 6018L Uninstaller (HKLM\...\Canon LBP6030 6040 6018L) (Version: 6, 1, 0, 0 - Canon Inc.)
Canon Pro9000 II series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_Pro9000_II_series) (Version: - )
Canon Pro9000 Mark II series User Registration (HKLM-x32\...\Canon Pro9000 Mark II series User Registration) (Version: - )
Canon Utilities Easy-PhotoPrint Pro (HKLM-x32\...\Easy-PhotoPrint Pro) (Version: - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
ChessGenius Classic (HKLM-x32\...\ChessGenius Classic) (Version: - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)
CyberLink InstantBurn 5 (HKLM-x32\...\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}) (Version: 5.0.9109Uninstall-WHCK - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.4218 - CyberLink Corp.)
CyberLink MediaShow 6 (HKLM-x32\...\InstallShield_{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}) (Version: 6.0.4521 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3328a - CyberLink Corp.)
CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.9729 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.4707 - CyberLink Corp.)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4704.58 - CyberLink Corp.)
CyberLink PowerProducer 5.5 (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.5.3.4327 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAPlayer 1.0.1.8 (HKLM-x32\...\DAPlayer_is1) (Version: - Digiarty Software,Inc.)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0009 - Dell, Inc.)
Dell Dock (HKLM-x32\...\Dell Dock) (Version: - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell System Detect - 1 (HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\73f463568823ebbe) (Version: 5.14.0.9 - Dell)
Dell System Detect (HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\9204f5692a8faf3b) (Version: 3.3.2.1 - Dell)
Dropbox (HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
DVD Ghost 2.62 (HKLM-x32\...\DVD Ghost 2.62_is1) (Version: - )
DVD Identifier (HKLM-x32\...\DVD Identifier_is1) (Version: 5.2.0 - Kris Schoofs)
DVD-CLONER V7.80 Build 1000 (HKLM-x32\...\DVD-CLONER VII_is1) (Version: 7.70.0.1000 - OpenCloner Inc.)
EPSON C120 User's Guide (HKLM-x32\...\Silent Package Run-Time Sample) (Version: - )
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
Fitbit Connect (HKLM-x32\...\{6EB73D9D-645E-415B-8008-83C3CB865968}) (Version: 2.0.1.6742 - Fitbit Inc.)
Free MP3 Cutter and Editor 2.6 (HKLM-x32\...\Free MP3 Cutter and Editor_is1) (Version: - musetips.com)
Fresco Logic USB3.0 Host Controller (HKLM\...\{B25A87F2-EA64-4C60-9989-6442FFFAD5E2}) (Version: 3.5.100.0 - Fresco Logic Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version: - )
HandBrake 0.9.6 (HKLM-x32\...\HandBrake) (Version: 0.9.6 - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2202 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
JamVOX (HKLM\...\{9BB301D9-C617-43DF-8CA1-AB1F63F64D51}) (Version: 3.03.0 - Korg Inc.)
JamVOX USB Driver (HKLM\...\JamVOX USB Driver) (Version: 2.00 - VOX)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LTspice IV (HKLM-x32\...\LTspice IV) (Version: - )
MailWasher (HKLM-x32\...\{8D4426EF-E37B-4B1B-B061-546D7172C67D}) (Version: 7.5 - Firetrust)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Agent (HKLM-x32\...\{AA951B10-7089-4D60-B288-516E641F48E6}) (Version: 4.0.0.1496 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.292.3 - McAfee, Inc.)
McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 6.0.0.0 - McAfee, Inc.)
McAfee VirusScan Enterprise (HKLM-x32\...\{147BCE03-C0F1-4C9F-8157-6A89B6D2D973}) (Version: 8.7.0 - McAfee, Inc.)
Micrologus Musician Training Center 1.8.1.9 (HKLM-x32\...\Micrologus_Musician_Training_Center_is1) (Version: 1.8.1.9 - Micrologus.com)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM-x32\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 45.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 45.0.1 (x64 en-US)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.3.6261.27 - PC-Doctor, Inc.)
MysticForest (HKLM-x32\...\{2AAFE1D7-9066-4183-B267-0398A3533E88}) (Version: 1.00.0000 - Phantom EFX)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Online Games Manager v1.30 (HKLM-x32\...\Online Games Manager) (Version: 1.30.14 - Real Networks, Inc.)
OURLINK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0265 - )
PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1045.0 - Passmark Software)
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.6029 - CyberLink Corp.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5963 - Realtek Semiconductor Corp.)
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4036 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TablEdit 2.75 (HKLM-x32\...\TablEdit Demo_is1) (Version: - TablEdit)
Virtual Fretboard (HKLM-x32\...\Virtual Fretboard) (Version: - )
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 4.7 - Vuze Inc.)
Widevine Media Optimizer IE 6.0.0 (HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\optimizer_ie) (Version: 6.0.0.12757 - Widevine Technologies)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{5F71448B-88EB-4357-9A98-8658D4C49C48}) (Version: 1.1.2726.0 - Microsoft Corporation)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Ray\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Ray\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FB07D01-E8A0-42F4-B3E5-B8F1CC3BBCFD} - System32\Tasks\{59B46DBB-9456-464F-B99F-903BB2C19C52} => pcalua.exe -a D:\Driver\7_VISTA\275.33-desktop-win7-winvista-64bit-international-whql.exe
Task: {12820766-9C9E-452D-8E80-6E27CDD263FA} - \PCDEventLauncherTask -> No File <==== ATTENTION
Task: {1684F6E7-C192-4B03-AFCF-CB35BA1E5DFC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {176F912C-0935-48F5-88CE-3DC23F9A1C79} - \SystemToolsDailyTest -> No File <==== ATTENTION
Task: {1E018890-FF0A-4B7C-A8E5-8C753D50A45B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {20A1B711-D38D-4C31-9E7E-220DBD08DE57} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {218098AD-204A-4BF8-A211-A98F413E7453} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1556054694-2950829292-1133922799-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {2349A970-A2F4-450A-9954-646A0DBBCAD9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {255731CE-CEE8-4F82-8ECE-7E5512D6BF20} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {281379F8-D4D7-4298-9350-E018C123FEA3} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {2AEF5EE1-E7A4-43D4-8E56-E6CFD21610C6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {31BC5EFE-32ED-4E6B-8B55-D0F1E8086D2C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {34CAAF2F-6FA6-4D77-BE13-8F50E4DC2789} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {40F0DBA1-1E15-4783-8DBB-FF8AC16BE116} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {4112DEA9-9D6C-4196-8E07-EF1BA7935E0B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {496A082A-0382-4527-B287-C284E1C3982D} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1556054694-2950829292-1133922799-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {4ECA9BFB-6AD7-48AC-899E-58EF1589EFF3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {504DEA34-B44C-4C60-BB4F-CE64CC8BD8C3} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {55383712-0181-429E-ACFF-4FE9E10F1218} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {55EF111B-A854-429C-845F-27E7402F1103} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {58B7F511-C029-4532-B7A1-67FE3BAA5A1B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {5A5F46F9-F735-44FA-B327-0457B853C0D9} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {5F472B18-A1D4-4CB3-94EC-6F563BD0B237} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {68B23F59-D249-41E3-97AC-BCAE8DD0D48F} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION
Task: {6905FDAF-2D75-4D6D-AF57-456158F75353} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {835DA673-5FB6-4C37-BB9A-CC9F87CF3658} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {87FF79E8-25C5-43D0-8A47-0F3E45DE6557} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {894EEC49-095D-45D2-8425-C06016A4AC1F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {8A2D57B5-B2FB-492B-9840-41220292A130} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8A44CD60-2FD1-4ABD-A95C-83FC134B48F4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {8D79382E-20D8-4444-B3AD-65A4D6A61FAD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8EE6E127-3EBD-4ACB-BFA2-7B5DAAC19F39} - System32\Tasks\{809A0393-7442-41D6-AB89-70B3DFA92912} => pcalua.exe -a C:\Users\Ray\Downloads\ringmake_v531.exe -d C:\Users\Ray\Downloads
Task: {9482DE9A-A470-43A5-977A-A6BD3041177E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {95F19587-6CE6-4DE2-A423-6F419B84573F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001UA => C:\Users\Ray\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {98B33ECD-3201-4B52-8998-EDD17BDEC688} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {9AC13838-9377-4674-8601-2170C438CFE5} - System32\Tasks\{A803781C-A324-4234-A861-E1318D6E3E7D} => pcalua.exe -a "C:\Users\Ray\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3AWI1X5B\jre-8u25-windows-i586 (2).com" -d C:\Users\Ray\Desktop
Task: {A3346EBC-F8B6-42D4-AF07-EA171AE8C6A6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {AFA7D8F0-7E69-4DA9-A142-3CB406A84077} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {B2F183DC-1257-47C6-BB0B-2D8EBA846848} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001UA => C:\Users\Ray\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {B51BCD91-A43E-4D37-8AA1-224570808998} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {B78F1747-F224-493D-9234-01F43F8E0993} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1556054694-2950829292-1133922799-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {B9399415-F354-4BD0-8F5C-5498B2355188} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {BCCAD97E-8572-460A-8D1C-70DCA2BEAB4A} - System32\Tasks\CLMLSvc => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2012-05-24] (CyberLink)
Task: {BE5E237E-9D7F-4059-B3EC-4E69A03F32A2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {C0C00D81-B76D-49D6-9A70-DACF6EE9850B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {C16A276A-5040-4053-94F8-42BC336F97DE} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1556054694-2950829292-1133922799-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {C7DE63D9-CF6B-457B-A8F2-3329A6ED6CEA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001Core => C:\Users\Ray\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {CA10127A-E594-4D2C-9653-8B6CE538F521} - System32\Tasks\{CA21B1D0-8C79-4D49-9EE2-F69D2A5B6D47} => pcalua.exe -a "C:\Users\Ray\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWUPE96I\BluesDemo[1].exe" -d C:\Users\Ray\Desktop
Task: {CD01F7E8-97A4-4624-BC1B-9CAD3992DC4F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001Core => C:\Users\Ray\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {CF2781AE-F090-44C6-B1F4-D13DA74BE474} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {D01E1EF7-AE0D-48E8-A464-F31CA02D0528} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => C:\Windows\System32\GWX\GWXUXWorker.exe
Task: {D5AB4995-11A2-4596-A2EB-4C0367558DC2} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1556054694-2950829292-1133922799-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {D88AF8D7-12AE-4FBE-832F-D6F129680D00} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {DD3D5AE0-80B1-46AF-9C9E-FEDF4D9DEC31} - \Express FilesUpdate -> No File <==== ATTENTION
Task: {E3F75F02-9E0B-4F0B-A7DB-F44316720E19} - System32\Tasks\{C3A433A7-9CD8-48D2-B2E2-A92A30E88320} => pcalua.exe -a C:\Users\Ray\Downloads\wincraps.exe -d C:\Users\Ray\Downloads
Task: {E4453540-9E15-498F-8D77-9B6DCD8C950A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-16] (Adobe Systems Incorporated)
Task: {E8A67BC0-C83A-4809-9D0D-7DC9DBDF825B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E93BB92A-4902-4EB2-B4A0-88896D4F61F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {EB74EA61-C5B9-4589-A9E9-4B68FA58D6BD} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1556054694-2950829292-1133922799-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {F712C740-7D75-4B0C-AF8D-888D4926ABE5} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1556054694-2950829292-1133922799-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {FF7FDDD9-5AE6-4E1D-AC41-909F265065FD} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001Core.job => C:\Users\Ray\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001UA.job => C:\Users\Ray\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001Core.job => C:\Users\Ray\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1556054694-2950829292-1133922799-1001UA.job => C:\Users\Ray\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-29 23:18 - 2015-10-29 23:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-02-23 19:23 - 2014-12-12 17:24 - 00044760 _____ () C:\Windows\runSW.exe
2015-03-18 10:20 - 2010-08-19 01:43 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2010-05-24 04:28 - 2011-08-18 07:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2016-03-08 23:34 - 2016-03-08 23:34 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-03-09 09:33 - 2016-03-09 09:34 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-03-08 23:34 - 2016-03-08 23:34 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-03-08 23:34 - 2016-03-08 23:34 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2012-04-24 07:13 - 2012-04-24 07:13 - 01325656 _____ () C:\Program Files (x86)\VOX\JamVOX\JVExec.exe
2009-11-13 13:15 - 2009-11-13 13:15 - 01807600 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
2009-12-15 20:14 - 2009-12-15 20:14 - 00498160 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
2014-09-29 16:51 - 2014-09-29 16:51 - 00074664 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
2016-03-17 03:40 - 2016-03-17 03:40 - 00472576 _____ () C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\da13c0c9e4484063fac7ce3ca7674b52\VistaBridgeLibrary.ni.dll
2016-03-16 14:22 - 2016-03-16 14:22 - 26727616 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll
2015-10-29 23:18 - 2015-10-29 23:18 - 00218456 _____ () c:\windows\system32\WerEtw.dll
1999-12-31 16:00 - 1999-12-31 16:00 - 02138624 _____ () C:\Users\Ray\Desktop\Tor Browser\Tor\tor.exe
2009-12-15 20:14 - 2009-12-15 20:14 - 01169904 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-02-23 19:35 - 2013-02-27 17:17 - 00221184 _____ () C:\Program Files (x86)\OURLINK\USB Wireless LAN Utility\EnumDevLib.dll
2016-03-09 09:33 - 2016-03-09 09:34 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-03-09 09:33 - 2016-03-09 09:34 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2012-05-24 20:19 - 2012-05-24 20:19 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2012-05-24 20:19 - 2012-05-24 20:19 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-07-04 17:14 - 2012-07-04 17:14 - 01842288 _____ () C:\Program Files (x86)\CyberLink\Power2Go\Language\ENU\P2GRC.dll
2011-03-09 13:21 - 2011-03-09 13:21 - 00144680 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLVistaAudioMixer.dll
2011-12-15 03:22 - 2011-12-15 03:22 - 00018432 _____ () C:\Program Files (x86)\VOX\JamVOX\jamvoxdevice.dll
2009-11-13 13:15 - 2009-11-13 13:15 - 00275696 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
2009-11-13 13:15 - 2009-11-13 13:15 - 00058608 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
2009-11-13 13:15 - 2009-11-13 13:15 - 00095472 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
2009-11-13 13:15 - 2009-11-13 13:15 - 00152816 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2009-11-13 13:15 - 2009-11-13 13:15 - 00017648 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
2015-03-18 10:17 - 2012-07-02 09:39 - 33747472 _____ () C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\res.dll
2015-03-18 11:47 - 2014-11-04 01:38 - 00867080 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\common\UNO\UNO.dll
2015-03-18 11:47 - 2013-12-09 23:39 - 00074240 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ctypes.pyd
2015-03-18 11:47 - 2013-12-09 23:39 - 00285184 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_hashlib.pyd
2015-03-18 11:48 - 2014-11-03 23:07 - 01521272 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\fdtr.dll
2015-03-18 11:47 - 2013-12-09 23:39 - 00040960 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_socket.pyd
2015-03-18 11:47 - 2013-12-09 23:39 - 00721920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ssl.pyd
2014-12-11 17:40 - 2014-12-11 17:40 - 40622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll
2015-12-10 19:27 - 2016-02-23 10:19 - 00034768 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-03-17 20:25 - 2016-02-23 10:20 - 00019408 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-03-17 20:25 - 2016-02-23 10:19 - 00116688 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-10 19:27 - 2016-02-23 10:19 - 00093640 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-10 19:27 - 2016-02-23 10:19 - 00018376 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-10 19:27 - 2016-03-11 16:18 - 00019760 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00105928 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-03-17 20:25 - 2016-02-23 10:19 - 00392144 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-10 19:27 - 2016-03-11 16:18 - 00381752 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-10 19:27 - 2016-02-23 10:19 - 00692688 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00020816 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-10 19:27 - 2016-02-23 10:20 - 00112592 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 01682760 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00020808 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-10 19:27 - 2016-03-11 16:18 - 00020800 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-10 19:27 - 2016-03-11 16:18 - 00021840 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00038696 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-03-17 20:25 - 2016-02-23 10:21 - 00020936 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00024528 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00114640 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00124880 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-19 06:21 - 2016-03-11 16:18 - 00021832 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00024016 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00175560 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00030160 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00043472 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00028616 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00048592 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00026456 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00057808 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00024016 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00117056 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00024392 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-03-17 20:25 - 2016-02-23 10:21 - 00036296 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\librsync.dll
2016-03-17 20:25 - 2016-03-11 16:18 - 00031568 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2016-03-17 20:25 - 2016-02-12 16:24 - 00293392 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2015-12-10 19:27 - 2016-03-11 16:18 - 00023376 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-10 19:27 - 2016-02-23 10:19 - 00134608 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-03-17 20:25 - 2016-02-23 10:19 - 00134088 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-03-17 20:25 - 2016-02-23 10:20 - 00240584 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00052024 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-19 06:21 - 2016-03-11 16:18 - 00020800 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-19 06:21 - 2016-03-11 16:18 - 00021824 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-19 06:21 - 2016-03-11 16:18 - 00019776 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-19 06:21 - 2016-03-11 16:18 - 00020800 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00020280 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-10 19:27 - 2016-02-23 10:21 - 00350152 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-19 06:21 - 2016-03-11 16:18 - 00022352 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00084792 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-03-17 20:25 - 2016-03-11 16:18 - 01826096 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-10 19:27 - 2016-02-23 10:20 - 00083912 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\sip.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 03928880 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 01971504 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00531248 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00132912 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00223544 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00207672 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00158008 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00042808 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-03-17 20:25 - 2016-02-23 10:23 - 00017864 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-03-17 20:25 - 2016-02-23 10:23 - 01631184 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-12-10 19:27 - 2016-03-11 16:18 - 00024904 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00546096 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-03-17 20:25 - 2016-03-11 16:18 - 00357680 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 13:45 - 2016-02-23 10:25 - 00697304 _____ () C:\Users\Ray\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-02-18 14:19 - 2015-02-18 14:19 - 00061952 _____ () C:\Program Files (x86)\Firetrust\MailWasher\MWPBridgeDLL.dll
2015-02-18 14:19 - 2015-02-18 14:19 - 04647424 _____ () C:\Program Files (x86)\Firetrust\MailWasher\MWPappDLL.dll
2014-10-12 01:41 - 2014-10-12 01:41 - 00061952 _____ () C:\Program Files (x86)\Firetrust\MailWasher\FTBridge.dll
2014-10-12 01:41 - 2014-10-12 01:41 - 00272384 _____ () C:\Program Files (x86)\Firetrust\MailWasher\FTClientNode.dll
1999-12-31 16:00 - 1999-12-31 16:00 - 00510788 _____ () C:\Users\Ray\Desktop\Tor Browser\Tor\libevent-2-0-5.dll
1999-12-31 16:00 - 1999-12-31 16:00 - 00090112 _____ () C:\Users\Ray\Desktop\Tor Browser\Tor\zlib1.dll
1999-12-31 16:00 - 1999-12-31 16:00 - 00104451 _____ () C:\Users\Ray\Desktop\Tor Browser\Tor\libssp-0.dll
2009-12-15 20:13 - 2009-12-15 20:13 - 00588272 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\BBEngineAS.dll
2009-11-15 20:58 - 2009-11-15 20:58 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\internet -> internet
IE trusted site: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\mcafee.com -> hxxp://mcafee.com
IE trusted site: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\...\mcafee.com -> hxxps://mcafee.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2016-02-23 02:47 - 00000862 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.1 mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Dell\Win7 PURPLE 1920x1200.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: lfsvc => 3

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{11D67EAF-F737-49F4-AF90-50F4E5E8BA1F}] => (Allow) C:\Program Files (x86)\OURLINK\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{A42E445E-0627-4D00-B41E-011BCBC8FE15}] => (Allow) C:\Program Files (x86)\OURLINK\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{9E939A99-5436-4E6D-B94D-6845A84E54BF}] => (Allow) C:\Program Files (x86)\OURLINK\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{45FF8649-5ECB-4C38-ABB0-EEA983E8B915}] => (Allow) C:\Program Files (x86)\OURLINK\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{885A2B30-D80C-4AAA-84EF-31D3D4866D74}] => (Allow) C:\PROGRA~2\OURLINK\USBWIR~1\Rtldhcp.exe
FirewallRules: [{EB55E37B-932C-44A5-8AA6-D4605A3BB6E7}] => (Allow) C:\Program Files (x86)\OURLINK\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{49096E75-38AE-4D34-A1EB-FFE35A56FB6A}] => (Allow) C:\Program Files (x86)\OURLINK\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{064018EE-C6C7-488B-BBE4-9DF5BC3329C1}] => (Allow) LPort=53
FirewallRules: [{863BF5AE-0355-4433-A7C4-24773AD58D68}] => (Allow) LPort=1542
FirewallRules: [{32739C46-F1A5-4244-AC44-7186969475FB}] => (Allow) LPort=1542
FirewallRules: [{5DF5A503-15A8-430F-90EB-529009224591}] => (Allow) C:\PROGRA~2\OURLINK\USBWIR~1\RtWlan.exe
FirewallRules: [{324AFE7D-834E-4E5F-831F-85957227239B}] => (Allow) LPort=53
FirewallRules: [{568F6149-AA87-4743-A233-B4FF11D23A44}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4A29C4DC-6BFF-441A-9676-64C381DD9503}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DAD79B1D-1B39-44C7-8950-6C5E70F062AC}] => (Allow) C:\Users\Ray\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DA3D2AC6-2F60-4EBE-9F46-D8C051EDD356}] => (Allow) C:\Users\Ray\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D12EBF44-70D1-45E6-A4BF-A390F62A9698}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{2EE909F2-44FB-4650-AE43-44109BF6DACA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{2F72FF99-B58C-4121-B3A8-77F45316594B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{42BAEA8B-59AF-41B6-81B4-57536E07C591}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{FFADF7B4-76A9-45FA-9AA4-94ADA2CD8E1A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{481CF093-4901-419A-9A99-3E16D98BBBF1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [{7DCB6A8B-6A7C-4FB3-9065-18805E91619B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0714E5D1-70A8-47E3-AA83-F35BDAFD1BA2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4A1C6362-93B8-437B-AF58-763D874F5386}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F19E123F-3B5E-4AE1-8C9B-8570E44280FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{BB77ABEE-2532-400A-8D08-81B04BD0E23B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9F4B4E7A-2E77-431B-BA29-375C0BE64FBC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [UDP Query User{EDA69184-6799-467C-AFFE-16C3EACA9CAE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{10A97A62-A06C-4F62-9BD8-C9B308AA6C08}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{39D34609-1743-446A-B2B1-FBAE1EB9C3A6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{86AD6ACE-B32D-4806-9814-A23D70DDA086}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D129A76C-B8F3-4321-9D86-85D0B3E0B259}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{C95967FA-CF35-4A7A-91BA-2B3AE95756FB}] => (Allow) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
FirewallRules: [{9E0991F4-29F8-439B-AAC9-455113275615}] => (Allow) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
FirewallRules: [UDP Query User{D6D81EE3-4982-4C3F-A91E-625056A334E7}C:\users\ray\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\ray\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [TCP Query User{FA1CD2F6-FF94-4AC1-938A-022329FA20A8}C:\users\ray\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\ray\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [UDP Query User{8FEC5B3C-6F14-4DCE-B4AD-09F478B8CD8B}C:\users\ray\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ray\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{9B65024F-7761-46EC-9FF6-81643ACD8D9B}C:\users\ray\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ray\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{16D03959-A088-47FC-82C1-E4BDBB4DCE4E}C:\users\public\phantom efx\onlinecasino\launcher\olclauncher.exe] => (Block) C:\users\public\phantom efx\onlinecasino\launcher\olclauncher.exe
FirewallRules: [TCP Query User{281FC336-849A-4CC6-B802-E98FC244676F}C:\users\public\phantom efx\onlinecasino\launcher\olclauncher.exe] => (Block) C:\users\public\phantom efx\onlinecasino\launcher\olclauncher.exe
FirewallRules: [UDP Query User{934C35DC-E32F-4B8A-8DA9-CF5B7A8B7CDA}C:\users\public\phantom efx\onlinecasino\bin\prelauncher.exe] => (Allow) C:\users\public\phantom efx\onlinecasino\bin\prelauncher.exe
FirewallRules: [TCP Query User{9A05B043-D189-466C-B713-84631E0C97C1}C:\users\public\phantom efx\onlinecasino\bin\prelauncher.exe] => (Allow) C:\users\public\phantom efx\onlinecasino\bin\prelauncher.exe
FirewallRules: [UDP Query User{B91A05DA-AF05-49B8-AF95-B28E8E55EA90}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{2D0ADA38-622B-4097-BD41-25E08DB79457}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{961CEB59-5B72-401B-B73D-3149D72B3CA5}] => (Allow) C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe
FirewallRules: [{FBCB09E8-FFB8-46ED-BA4B-D55203D88B8E}] => (Allow) C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe
FirewallRules: [{E55FA8FE-BD3D-40B3-9AA9-C2338CCA60A3}] => (Allow) C:\Program Files (x86)\ExpressFiles\expressdl.exe
FirewallRules: [{4BE415F9-3676-4CAC-A444-EB2AD100E4A5}] => (Allow) C:\Program Files (x86)\ExpressFiles\expressdl.exe
FirewallRules: [{60EFF324-99C9-481A-8351-A5A9DB30FA16}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{B60E34CB-BD38-4365-9351-6A0143CAAA1D}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [UDP Query User{FB6F9235-97BC-41E1-B856-0E1DFC20965D}C:\users\ray\appdata\roaming\xyysl\ulqauqo.exe] => (Block) C:\users\ray\appdata\roaming\xyysl\ulqauqo.exe
FirewallRules: [TCP Query User{9158D2CA-550A-42F5-8CE2-9E084B55CFF9}C:\users\ray\appdata\roaming\xyysl\ulqauqo.exe] => (Block) C:\users\ray\appdata\roaming\xyysl\ulqauqo.exe
FirewallRules: [{751025B7-2DBD-4C6E-BB4E-D0F89ED0705B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E6CABC6D-CF4B-4CCE-9421-978EBB7C20C6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{62547078-DCEB-4128-B9ED-1167CAB1FD1F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{29680462-0D04-4A91-86F3-D576624EF6F8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4D9A573B-F4DC-46B6-9AC6-EBF78E8AF96B}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{B9153F9D-2ABC-4AF0-B94E-018524FCC7F7}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{20D39DED-8DFF-4A16-BF00-A60251D9D78F}] => (Allow) LPort=1900
FirewallRules: [{F3298623-C820-4974-A80D-49DD7330344F}] => (Allow) LPort=2869
FirewallRules: [{0D06E6BC-3FE0-4DD1-A3A5-A6778D6DA77A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8338AE51-6DF6-4413-AC97-4DFDD630BE79}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{A9497C76-DC38-43C2-9FDD-3A06C5CB834D}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{0C152855-80E9-4D6B-8BCB-F787209DBB2A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E8B7A3E6-2473-400E-828D-73985F81443E}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{49862C79-42F3-423A-B477-D8B07AE799F8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
FirewallRules: [{BB0E56ED-5DC7-439F-BDD1-AE61FC876041}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PowerDVD.exe

==================== Restore Points =========================

15-03-2016 22:30:02 DCInstallRestorePoint
16-03-2016 12:36:34 Restore Operation

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/23/2016 12:42:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Faulting module name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Exception code: 0xc000041d
Fault offset: 0x00007777
Faulting process id: 0x2890
Faulting application start time: 0xRoxio Burn.exe0
Faulting application path: Roxio Burn.exe1
Faulting module path: Roxio Burn.exe2
Report Id: Roxio Burn.exe3
Faulting package full name: Roxio Burn.exe4
Faulting package-relative application ID: Roxio Burn.exe5

Error: (03/23/2016 12:42:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Faulting module name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Exception code: 0xc0000005
Fault offset: 0x00007777
Faulting process id: 0x2890
Faulting application start time: 0xRoxio Burn.exe0
Faulting application path: Roxio Burn.exe1
Faulting module path: Roxio Burn.exe2
Report Id: Roxio Burn.exe3
Faulting package full name: Roxio Burn.exe4
Faulting package-relative application ID: Roxio Burn.exe5

Error: (03/23/2016 12:42:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Faulting module name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Exception code: 0xc000041d
Fault offset: 0x00007777
Faulting process id: 0x1dcc
Faulting application start time: 0xRoxio Burn.exe0
Faulting application path: Roxio Burn.exe1
Faulting module path: Roxio Burn.exe2
Report Id: Roxio Burn.exe3
Faulting package full name: Roxio Burn.exe4
Faulting package-relative application ID: Roxio Burn.exe5

Error: (03/23/2016 12:42:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Faulting module name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Exception code: 0xc0000005
Fault offset: 0x00007777
Faulting process id: 0x1dcc
Faulting application start time: 0xRoxio Burn.exe0
Faulting application path: Roxio Burn.exe1
Faulting module path: Roxio Burn.exe2
Report Id: Roxio Burn.exe3
Faulting package full name: Roxio Burn.exe4
Faulting package-relative application ID: Roxio Burn.exe5

Error: (03/23/2016 12:42:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Faulting module name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Exception code: 0xc000041d
Fault offset: 0x00007777
Faulting process id: 0x2d70
Faulting application start time: 0xRoxio Burn.exe0
Faulting application path: Roxio Burn.exe1
Faulting module path: Roxio Burn.exe2
Report Id: Roxio Burn.exe3
Faulting package full name: Roxio Burn.exe4
Faulting package-relative application ID: Roxio Burn.exe5

Error: (03/23/2016 12:42:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Faulting module name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Exception code: 0xc0000005
Fault offset: 0x00007777
Faulting process id: 0x2d70
Faulting application start time: 0xRoxio Burn.exe0
Faulting application path: Roxio Burn.exe1
Faulting module path: Roxio Burn.exe2
Report Id: Roxio Burn.exe3
Faulting package full name: Roxio Burn.exe4
Faulting package-relative application ID: Roxio Burn.exe5

Error: (03/23/2016 12:42:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Faulting module name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Exception code: 0xc000041d
Fault offset: 0x00007777
Faulting process id: 0xec8
Faulting application start time: 0xRoxio Burn.exe0
Faulting application path: Roxio Burn.exe1
Faulting module path: Roxio Burn.exe2
Report Id: Roxio Burn.exe3
Faulting package full name: Roxio Burn.exe4
Faulting package-relative application ID: Roxio Burn.exe5

Error: (03/23/2016 12:42:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Faulting module name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Exception code: 0xc0000005
Fault offset: 0x00007777
Faulting process id: 0xec8
Faulting application start time: 0xRoxio Burn.exe0
Faulting application path: Roxio Burn.exe1
Faulting module path: Roxio Burn.exe2
Report Id: Roxio Burn.exe3
Faulting package full name: Roxio Burn.exe4
Faulting package-relative application ID: Roxio Burn.exe5

Error: (03/23/2016 12:42:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Faulting module name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Exception code: 0xc000041d
Fault offset: 0x00007777
Faulting process id: 0x2620
Faulting application start time: 0xRoxio Burn.exe0
Faulting application path: Roxio Burn.exe1
Faulting module path: Roxio Burn.exe2
Report Id: Roxio Burn.exe3
Faulting package full name: Roxio Burn.exe4
Faulting package-relative application ID: Roxio Burn.exe5

Error: (03/23/2016 12:42:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Faulting module name: Roxio Burn.exe, version: 1.20.46.0, time stamp: 0x4b286c5a
Exception code: 0xc0000005
Fault offset: 0x00007777
Faulting process id: 0x2620
Faulting application start time: 0xRoxio Burn.exe0
Faulting application path: Roxio Burn.exe1
Faulting module path: Roxio Burn.exe2
Report Id: Roxio Burn.exe3
Faulting package full name: Roxio Burn.exe4
Faulting package-relative application ID: Roxio Burn.exe5


System errors:
=============
Error: (03/23/2016 09:48:39 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Downloaded Maps Manager service hung on starting.

Error: (03/23/2016 09:46:37 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service hung on starting.

Error: (03/23/2016 09:43:20 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (03/23/2016 09:42:56 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000009f (0x0000000000000003, 0xffffe0010b52a060, 0xfffff8019fc61a90, 0xffffe0010b656b40)C:\WINDOWS\MEMORY.DMP95a27338-1a45-4bdc-8e70-ad2a064793d2

Error: (03/23/2016 09:42:50 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (03/23/2016 09:42:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Realtek DHCP Service service terminated unexpectedly. It has done this 1 time(s).

Error: (03/23/2016 09:42:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NetMsmqActivator service failed to start due to the following error:
%%1053

Error: (03/23/2016 09:42:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NetPipeActivator service failed to start due to the following error:
%%1053

Error: (03/23/2016 09:42:36 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the NetPipeActivator service to connect.

Error: (03/23/2016 09:42:36 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the NetMsmqActivator service to connect.


CodeIntegrity:
===================================
Date: 2016-03-23 12:28:22.953
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-23 12:28:22.942
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-23 12:28:22.722
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-23 12:28:22.711
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-23 12:28:22.673
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-21 23:10:03.112
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-21 23:10:03.101
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-21 23:10:03.074
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-18 12:01:45.928
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-18 12:01:45.908
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core™2 Quad CPU Q9650 @ 3.00GHz
Percentage of memory in use: 49%
Total physical RAM: 8156.98 MB
Available physical RAM: 4091.86 MB
Total Virtual: 16348.98 MB
Available Virtual: 12243.61 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:289.15 GB) (Free:70.05 GB) NTFS
Drive i: (FTV) (CDROM) (Total:23.14 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 8A427EA7)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=8.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=289.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,014 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:32 PM

Posted 23 March 2016 - 08:10 PM

Thank you Ray.

Did you install LTspice IV?

There appears to be an issue with Roxio so I am going to have you uninstall it for now. I see you just installed it 2 days ago.

Please do these things.

===================================================

Uninstalling a Program using Add/Remove Program

--------------------

I recommend the uninstalling of the below listed program(s). If you desire to keep the program I would ask that you reinstall it following our efforts here.
  • Press windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type appwiz.cpl and press Enter
  • A list of installed programs will be displayed
  • Uninstall the following by clicking on the program(s) below (and any other similar names) and selecting Remove or Uninstall

Roxio Burn

  • Reboot your computer
===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browser
  • Double click on AdwCleaner.exe, click Run, then select I agree if it appears
  • Click Scan
  • Once the scan has completed youi will see Pending. Please check elements you don't want to remove above the progress bar
  • Click on Clean
  • Confirm the cleaning and rebooting of your computer by clicking OK
  • Your computer will be rebooted automatically. A text file will open after the restart
  • Copy and paste the contents in your reply
  • You can also find the logfile at C:\AdwCleaner\AdwCleaner.txt
===================================================

Junkware Removal Tool

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it as fixlist.txt in the same location/folder as FRST.exe (<<<Important)
CreateRestorePoint:
CloseProcesses:
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
SearchScopes: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> {5597C77E-1730-497C-B57F-A2A5F7FE9192} URL =
SearchScopes: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> {6868E8A0-7A0D-4314-A0A8-5B39A360B109} URL =
SearchScopes: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL => No File
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\progra~1\mcafee\msk\mskapbho.dll => No File
Toolbar: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> No Name - {00000000-0000-0000-0000-000000000000} - No File
Toolbar: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension => not found
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
2016-02-26 09:55 - 2016-02-26 11:12 - 00000000 ____D C:\ProgramData\Service1291
2016-02-26 09:55 - 2016-02-26 09:55 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2016-03-09 00:06 - 2015-03-17 20:52 - 00003292 _____ C:\WINDOWS\System32\Tasks\{59B46DBB-9456-464F-B99F-903BB2C19C52}
2016-03-16 00:34 - 2016-03-16 12:56 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-03-16 00:34 - 2016-03-16 00:40 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
Task: {0FB07D01-E8A0-42F4-B3E5-B8F1CC3BBCFD} - System32\Tasks\{59B46DBB-9456-464F-B99F-903BB2C19C52} => pcalua.exe -a D:\Driver\7_VISTA\275.33-desktop-win7-winvista-64bit-international-whql.exe
Task: {12820766-9C9E-452D-8E80-6E27CDD263FA} - \PCDEventLauncherTask -> No File <==== ATTENTION
Task: {1684F6E7-C192-4B03-AFCF-CB35BA1E5DFC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {176F912C-0935-48F5-88CE-3DC23F9A1C79} - \SystemToolsDailyTest -> No File <==== ATTENTION
Task: {1E018890-FF0A-4B7C-A8E5-8C753D50A45B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {2349A970-A2F4-450A-9954-646A0DBBCAD9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {2AEF5EE1-E7A4-43D4-8E56-E6CFD21610C6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {31BC5EFE-32ED-4E6B-8B55-D0F1E8086D2C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {58B7F511-C029-4532-B7A1-67FE3BAA5A1B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {68B23F59-D249-41E3-97AC-BCAE8DD0D48F} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION
Task: {894EEC49-095D-45D2-8425-C06016A4AC1F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {8A2D57B5-B2FB-492B-9840-41220292A130} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8A44CD60-2FD1-4ABD-A95C-83FC134B48F4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {8D79382E-20D8-4444-B3AD-65A4D6A61FAD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
ask: {9AC13838-9377-4674-8601-2170C438CFE5} - System32\Tasks\{A803781C-A324-4234-A861-E1318D6E3E7D} => pcalua.exe -a "C:\Users\Ray\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3AWI1X5B\jre-8u25-windows-i586 (2).com" -d C:\Users\Ray\Desktop
Task: {CA10127A-E594-4D2C-9653-8B6CE538F521} - System32\Tasks\{CA21B1D0-8C79-4D49-9EE2-F69D2A5B6D47} => pcalua.exe -a "C:\Users\Ray\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWUPE96I\BluesDemo[1].exe" -d C:\Users\Ray\Desktop
Task: {D88AF8D7-12AE-4FBE-832F-D6F129680D00} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {DD3D5AE0-80B1-46AF-9C9E-FEDF4D9DEC31} - \Express FilesUpdate -> No File <==== ATTENTION
Task: {E3F75F02-9E0B-4F0B-A7DB-F44316720E19} - System32\Tasks\{C3A433A7-9CD8-48D2-B2E2-A92A30E88320} => pcalua.exe -a C:\Users\Ray\Downloads\wincraps.exe -d C:\Users\Ray\Downloads
Task: {E8A67BC0-C83A-4809-9D0D-7DC9DBDF825B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [498160 2009-12-15] ()
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Install LTspice IV?
  • AdwCleaner log
  • Junkware log
  • Fixlog
  • Update on computer performance

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 stealth1

stealth1
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:07:32 PM

Posted 23 March 2016 - 11:44 PM

LT Spice IV is an electronics circuit designer application, I use the app on occasion.

I got no results running the Junkware tool. I got a red screen with a flashing "_" cursor and nothing changed after ten minutes. Did I wait long enough?

Here are the log files you requested.

# AdwCleaner v5.105 - Logfile created 23/03/2016 at 20:06:22
# Updated 21/03/2016 by Xplode
# Database : 2016-03-23.1 [Server]
# Operating system : Windows 10 Home (x64)
# Username : Ray - DELL-560
# Running from : C:\Users\Ray\Desktop\AdwCleaner (1).exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\Application Updater
[-] Folder Deleted : C:\Program Files (x86)\Conduit
[-] Folder Deleted : C:\Program Files (x86)\Coupons
[-] Folder Deleted : C:\Program Files (x86)\Itibiti Soft Phone
[-] Folder Deleted : C:\Program Files (x86)\Safe Saver
[-] Folder Deleted : C:\Program Files (x86)\SereneScreen
[-] Folder Deleted : C:\ProgramData\Driver Boost
[-] Folder Deleted : C:\ProgramData\Trymedia
[-] Folder Deleted : C:\ProgramData\Service1291
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SereneScreen
[-] Folder Deleted : C:\Users\Ray\AppData\Local\PackageAware
[-] Folder Deleted : C:\Users\Ray\AppData\LocalLow\Conduit
[-] Folder Deleted : C:\Users\Ray\AppData\Roaming\ExpressFiles
[-] Folder Deleted : C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager

***** [ Files ] *****

[-] File Deleted : C:\END

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMesh_V11_en_Setup.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMeshV11.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F464A68D-1CF2-4991-93AB-A84351D7F676}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{328D6F78-0DBB-4F17-ACD5-26A2EA4EF251}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\ExpressFiles
[-] Key Deleted : HKCU\Software\SereneScreen
[-] Key Deleted : HKCU\Software\YahooPartnerToolbar
[-] Key Deleted : HKCU\Software\Zugo
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Babylon
[-] Key Deleted : HKLM\SOFTWARE\BrowserMngr
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\ExpressFiles
[-] Key Deleted : HKLM\SOFTWARE\SereneScreen
[-] Key Deleted : HKLM\SOFTWARE\Trymedia Systems
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SereneScreen Marine Aquarium Lite_is1
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{961CEB59-5B72-401B-B73D-3149D72B3CA5}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{FBCB09E8-FFB8-46ED-BA4B-D55203D88B8E}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{E55FA8FE-BD3D-40B3-9AA9-C2338CCA60A3}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{4BE415F9-3676-4CAC-A444-EB2AD100E4A5}]

***** [ Web browsers ] *****

[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.BUTTON_STRUCTURE", "[{\"b\":224552173,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":224552174,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.browser.search.defaultenginename.prev", "Google");
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.browser.search.defaultenginename.savedPrev", "true");
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.browser.search.defaultenginename.tb", "Ask Web Search");
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.browser.search.selectedEngine.prev", "Yahoo");
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.browser.search.selectedEngine.savedPrev", "true");
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.browser.search.selectedEngine.tb", "Ask Web Search");
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.browser.version.last", "39.0");
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.competitorDNS", "{\"comment\":\"refresh every 1 week (7*24*60*60*1000)\",\"refreshPeriod\":604800000,\"list\":[{\"url\":\"hxxp://www.dnsrsearch.com/[...]
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.firstKnownVersion", "7.18.7.19733");
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=C1FBCD36-8142-460E-8C7C-10D1AC345F56&n=781b892b&p2=^0D^xdm108^YYA^us");
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.initialized", true);
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.installKeysSource", "LocalStorage");
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.installType", "XPI");
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.installation.contextKey", "");
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.installation.dlpCountryCode", "US");
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.installation.installDate", "2015070507");
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.installation.partnerId", "^0D^xdm108^YYA^us");
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.installation.partnerSubId", "");
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.installation.pixelUrl", "hxxp://free.marineaquariumfree.com/install_pixels.jhtml?partner=^0D^xdm108^YYA^us&coId=421d54f096434b90a0802ad9f225f7f7&tbG[...]
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.installation.success", true);
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.installation.toolbarId", "C1FBCD36-8142-460E-8C7C-10D1AC345F56");
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.isCompliantUninstallImplementation", true);
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.lastActivePing", "1436750612794");
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.lastKnownVersion", "7.18.7.19733");
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.options.defaultSearch", false);
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.options.homePageEnabled", false);
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.options.keywordEnabled", true);
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.options.tabEnabled", false);
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.partnerPixelFired", true);
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.successUrl", "hxxp://free.marineaquariumfree.com/installComplete.jhtml");
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.toolbar.ownSearch", true);
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._57Members_.toolbarCollapsed", false);
[-] [C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\oeyrau31.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "marineaquariumfree@mindspark.com");

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [12557 bytes] - [23/03/2016 20:06:22]
C:\AdwCleaner\AdwCleaner[S1].txt - [12706 bytes] - [23/03/2016 20:00:01]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [12705 bytes] ##########

Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Ray (2016-03-23 21:22:18) Run:1
Running from C:\Users\Ray\Desktop
Loaded Profiles: Ray (Available Profiles: Ray & steal & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
SearchScopes: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> {5597C77E-1730-497C-B57F-A2A5F7FE9192} URL =
SearchScopes: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> {6868E8A0-7A0D-4314-A0A8-5B39A360B109} URL =
SearchScopes: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL => No File
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\progra~1\mcafee\msk\mskapbho.dll => No File
Toolbar: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> No Name - {00000000-0000-0000-0000-000000000000} - No File
Toolbar: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension => not found
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
2016-02-26 09:55 - 2016-02-26 11:12 - 00000000 ____D C:\ProgramData\Service1291
2016-02-26 09:55 - 2016-02-26 09:55 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2016-03-09 00:06 - 2015-03-17 20:52 - 00003292 _____ C:\WINDOWS\System32\Tasks\{59B46DBB-9456-464F-B99F-903BB2C19C52}
2016-03-16 00:34 - 2016-03-16 12:56 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-03-16 00:34 - 2016-03-16 00:40 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Ray\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
Task: {0FB07D01-E8A0-42F4-B3E5-B8F1CC3BBCFD} - System32\Tasks\{59B46DBB-9456-464F-B99F-903BB2C19C52} => pcalua.exe -a D:\Driver\7_VISTA\275.33-desktop-win7-winvista-64bit-international-whql.exe
Task: {12820766-9C9E-452D-8E80-6E27CDD263FA} - \PCDEventLauncherTask -> No File <==== ATTENTION
Task: {1684F6E7-C192-4B03-AFCF-CB35BA1E5DFC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {176F912C-0935-48F5-88CE-3DC23F9A1C79} - \SystemToolsDailyTest -> No File <==== ATTENTION
Task: {1E018890-FF0A-4B7C-A8E5-8C753D50A45B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {2349A970-A2F4-450A-9954-646A0DBBCAD9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {2AEF5EE1-E7A4-43D4-8E56-E6CFD21610C6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {31BC5EFE-32ED-4E6B-8B55-D0F1E8086D2C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {58B7F511-C029-4532-B7A1-67FE3BAA5A1B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {68B23F59-D249-41E3-97AC-BCAE8DD0D48F} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION
Task: {894EEC49-095D-45D2-8425-C06016A4AC1F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {8A2D57B5-B2FB-492B-9840-41220292A130} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8A44CD60-2FD1-4ABD-A95C-83FC134B48F4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {8D79382E-20D8-4444-B3AD-65A4D6A61FAD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
ask: {9AC13838-9377-4674-8601-2170C438CFE5} - System32\Tasks\{A803781C-A324-4234-A861-E1318D6E3E7D} => pcalua.exe -a "C:\Users\Ray\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3AWI1X5B\jre-8u25-windows-i586 (2).com" -d C:\Users\Ray\Desktop
Task: {CA10127A-E594-4D2C-9653-8B6CE538F521} - System32\Tasks\{CA21B1D0-8C79-4D49-9EE2-F69D2A5B6D47} => pcalua.exe -a "C:\Users\Ray\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWUPE96I\BluesDemo[1].exe" -d C:\Users\Ray\Desktop
Task: {D88AF8D7-12AE-4FBE-832F-D6F129680D00} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {DD3D5AE0-80B1-46AF-9C9E-FEDF4D9DEC31} - \Express FilesUpdate -> No File <==== ATTENTION
Task: {E3F75F02-9E0B-4F0B-A7DB-F44316720E19} - System32\Tasks\{C3A433A7-9CD8-48D2-B2E2-A92A30E88320} => pcalua.exe -a C:\Users\Ray\Downloads\wincraps.exe -d C:\Users\Ray\Downloads
Task: {E8A67BC0-C83A-4809-9D0D-7DC9DBDF825B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [498160 2009-12-15] ()
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => value removed successfully
"HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5597C77E-1730-497C-B57F-A2A5F7FE9192}" => key removed successfully
HKCR\CLSID\{5597C77E-1730-497C-B57F-A2A5F7FE9192} => key not found.
"HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6868E8A0-7A0D-4314-A0A8-5B39A360B109}" => key removed successfully
HKCR\CLSID\{6868E8A0-7A0D-4314-A0A8-5B39A360B109} => key not found.
"HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => key removed successfully
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
"HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => key removed successfully
HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}" => key removed successfully
"HKCR\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB}" => key removed successfully
HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => value not found.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => key not found.
HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{00000000-0000-0000-0000-000000000000} => value removed successfully
HKCR\CLSID\{00000000-0000-0000-0000-000000000000} => key not found.
HKU\S-1-5-21-1556054694-2950829292-1133922799-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value not found.
HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => key not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e} => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758} => value removed successfully
idsvc => service removed successfully
wpcsvc => service removed successfully
"C:\ProgramData\Service1291" => not found.
C:\ProgramData\28341ff220e0446c9fff27c4493d622e => moved successfully
C:\WINDOWS\System32\Tasks\{59B46DBB-9456-464F-B99F-903BB2C19C52} => moved successfully
C:\Program Files (x86)\Spybot - Search & Destroy 2 => moved successfully
C:\ProgramData\Spybot - Search & Destroy => moved successfully
"HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}" => key removed successfully
"HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}" => key removed successfully
"HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}" => key removed successfully
"HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}" => key removed successfully
"HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}" => key removed successfully
"HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => key removed successfully
"HKU\S-1-5-21-1556054694-2950829292-1133922799-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0FB07D01-E8A0-42F4-B3E5-B8F1CC3BBCFD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FB07D01-E8A0-42F4-B3E5-B8F1CC3BBCFD}" => key removed successfully
C:\WINDOWS\System32\Tasks\{59B46DBB-9456-464F-B99F-903BB2C19C52} => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{59B46DBB-9456-464F-B99F-903BB2C19C52}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12820766-9C9E-452D-8E80-6E27CDD263FA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12820766-9C9E-452D-8E80-6E27CDD263FA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDEventLauncherTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1684F6E7-C192-4B03-AFCF-CB35BA1E5DFC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1684F6E7-C192-4B03-AFCF-CB35BA1E5DFC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{176F912C-0935-48F5-88CE-3DC23F9A1C79}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{176F912C-0935-48F5-88CE-3DC23F9A1C79}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SystemToolsDailyTest" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1E018890-FF0A-4B7C-A8E5-8C753D50A45B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E018890-FF0A-4B7C-A8E5-8C753D50A45B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2349A970-A2F4-450A-9954-646A0DBBCAD9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2349A970-A2F4-450A-9954-646A0DBBCAD9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2AEF5EE1-E7A4-43D4-8E56-E6CFD21610C6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AEF5EE1-E7A4-43D4-8E56-E6CFD21610C6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31BC5EFE-32ED-4E6B-8B55-D0F1E8086D2C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31BC5EFE-32ED-4E6B-8B55-D0F1E8086D2C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58B7F511-C029-4532-B7A1-67FE3BAA5A1B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58B7F511-C029-4532-B7A1-67FE3BAA5A1B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68B23F59-D249-41E3-97AC-BCAE8DD0D48F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68B23F59-D249-41E3-97AC-BCAE8DD0D48F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDoctorBackgroundMonitorTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{894EEC49-095D-45D2-8425-C06016A4AC1F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{894EEC49-095D-45D2-8425-C06016A4AC1F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A2D57B5-B2FB-492B-9840-41220292A130}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A2D57B5-B2FB-492B-9840-41220292A130}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A44CD60-2FD1-4ABD-A95C-83FC134B48F4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A44CD60-2FD1-4ABD-A95C-83FC134B48F4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D79382E-20D8-4444-B3AD-65A4D6A61FAD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D79382E-20D8-4444-B3AD-65A4D6A61FAD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
ask: {9AC13838-9377-4674-8601-2170C438CFE5} - System32\Tasks\{A803781C-A324-4234-A861-E1318D6E3E7D} => pcalua.exe -a "C:\Users\Ray\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3AWI1X5B\jre-8u25-windows-i586 (2).com" -d C:\Users\Ray\Desktop => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA10127A-E594-4D2C-9653-8B6CE538F521}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA10127A-E594-4D2C-9653-8B6CE538F521}" => key removed successfully
C:\WINDOWS\System32\Tasks\{CA21B1D0-8C79-4D49-9EE2-F69D2A5B6D47} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CA21B1D0-8C79-4D49-9EE2-F69D2A5B6D47}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D88AF8D7-12AE-4FBE-832F-D6F129680D00}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D88AF8D7-12AE-4FBE-832F-D6F129680D00}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DD3D5AE0-80B1-46AF-9C9E-FEDF4D9DEC31}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD3D5AE0-80B1-46AF-9C9E-FEDF4D9DEC31}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Express FilesUpdate => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3F75F02-9E0B-4F0B-A7DB-F44316720E19}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3F75F02-9E0B-4F0B-A7DB-F44316720E19}" => key removed successfully
C:\WINDOWS\System32\Tasks\{C3A433A7-9CD8-48D2-B2E2-A92A30E88320} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C3A433A7-9CD8-48D2-B2E2-A92A30E88320}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8A67BC0-C83A-4809-9D0D-7DC9DBDF825B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8A67BC0-C83A-4809-9D0D-7DC9DBDF825B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Desktop Disc Tool => value not found.


The system needed a reboot.

==== End of Fixlog 21:22:22 ====

Typing inside this reply is working perfectly. I will check and see what happens using Yahoo mail and Outlook and report the results back to you as soon as I've checked them.

#7 stealth1

stealth1
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:07:32 PM

Posted 24 March 2016 - 12:16 AM

I just tested the typing responses in Yahoo mail and Outlook and also in the language learning app Duolingo. I am pleased to report that I had no problems typing in any of those apps! It appears that you have done your magic once again for me. I sincerely appreciate your expertise in solving my issue. Hopefully, you have removed whatever trash was wasting my time on this PC. Now, I hope to get fluent with Windows 10, it has been a challenge for me thus far.

#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,014 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:32 PM

Posted 24 March 2016 - 08:13 AM

Hi Ray,

I am pleased to hear that and you are being far too kind.

Let's run these before we part ways.

===================================================

ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan This process may may take several hours, that is normal.
  • Download esetsmartinstaller_enu.exe and save it to your Desktop
  • Double click the icon
  • Check YES, I accept the Terms of Use
  • Click the Start button
  • Accept any security warnings from your browser
  • Click Advanced settings
  • Check the following items

Enable detection of potentially unwanted applications
Remove found threats
Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology

  • Click Start
  • ESET will then download updates and begin scanning your computer
  • If no threats are found simply click Uninstall application on close and hit Finish
  • If threats are found click List of found threats
  • Click Export to text file
  • Save the file on your Desktop as ESET.txt
  • Click Back
  • Check Uninstall application on close
  • Click Finish
  • Close the ESET Online Scanner window
  • Copy and paste the contents of ESET.txt in your reply
===================================================

screen317's Security Check

--------------------
  • Please download screen317's Security Check to your desktop
  • Double-click icon to launch the program
  • Click OK
  • Select Run Note: If you receive an error message saying UNSUPPORTED OPERATING SYSTEM! ABORTED! reboot your computer and attempt to run it again
  • Allow the program to run
  • A Notepad document will open on your desktop. Please copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • ESET log
  • Security Check log
  • How is your computer running?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 stealth1

stealth1
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:07:32 PM

Posted 24 March 2016 - 12:10 PM

C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\Safe Saver\33254.crx.vir JS/Toolbar.Crossrider.A potentially unwanted application
C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\Safe Saver\33254.xpi.vir JS/Toolbar.Crossrider.G potentially unwanted application
C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\Safe Saver\Safe Saver-bg.exe.vir a variant of Win32/Toolbar.CrossRider.H potentially unwanted application


Results of screen317's Security Check version 1.014 --- 12/23/15
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 71
Java version 32-bit out of Date!
Adobe Flash Player 21.0.0.197
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
Windows Defender MpCmdRun.exe
Online Games Manager ogmservice.exe
Firetrust MailWasher MailWasher.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````


Gary,

I just checked the typing condition in Yahoo mail and all is well, no problems, no skipped keystrokes and no sluggishness! GREAT!

#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,014 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:32 PM

Posted 24 March 2016 - 04:04 PM

Hi Ray.

Those reports look good so we are all set.

Now that your computer is running well it is my great pleasure to proclaim to you the Good News!

===================================================

All Clean!

--------------

Your machine appears to be clean and you may delete any programs or logs on your computer as a result of our efforts. If we used Emsisoft Emergency Kit just delete the icon on your desktop and the C:\EEK folder. For everything else you simply delete the log files or desktop icons.

Please take the time to read below on how to secure the machine and take the necessary steps to keep it clean :thumbsup:

Lawrence Abrams, the founder of BleepingComputer.com, has developed an excellent tutorial which will provide you with the information you need to know to keep your computer secure and clean. Please take the time to read:In addition, here are some more links you might find of interest:Thank you for placing your trust in BleepingComputer. It was a pleasure serving you. OhMy_done.gif
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 stealth1

stealth1
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:07:32 PM

Posted 24 March 2016 - 06:41 PM

Once again Gary, I can't thank you enough for your help. I recommend you guys to all my computer friends and relatives.

I will read the info you sent in your last post. I'm amazed at how easily we pick up these malwares. I try not to go anywhere on the Internet that I'm not already familiar with but sometimes, in a panic, searching for something, I guess I get hit with the bad stuff.

So, thanks a million and it was a pleasure having you assist me again!

Ray

#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,014 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:32 PM

Posted 24 March 2016 - 07:30 PM

You are welcome Ray. Hopefully we can just have social visits from now on. :)


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,014 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:32 PM

Posted 25 March 2016 - 08:39 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users