# Brand new computer, and i've screwed up!!



## migolfergirl (Oct 17, 2006)

HELP ME! (before I do something terrible....) 

BRAND NEW computer, getting ready to transfer files, trying to find update online, and accidentally hit the wrong download. My computer quickly downloaded all sorts of garbage....one program wouldn't stop long enough to delete it. I THINK I got it deleted, but I'm not sure.

I've stopped EVERYTHING until I know the machine is safe.

Can somebody take a look and tell me where I go from here?

I'm so embarrassed! Thank you.....

Deni S

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz, Intel64 Family 6 Model 60 Stepping 3
Processor Count: 4
RAM: 8143 Mb
Graphics Card: NVIDIA GeForce GT 720, 1024 Mb
Hard Drives: C: Total - 941813 MB, Free - 874027 MB;
Motherboard: Dell Inc., 0KWVT8
Antivirus: None

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:34:27 PM, on 5/12/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2008 Deluxe\Planner\PLNRnote.exe
C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2015 Deluxe\Planner\PLNRnote.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
C:\Program Files (x86)\Common Files\microsoft shared\Works Shared\wkcalrem.exe
C:\Program Files (x86)\Common Files\microsoft shared\Works Shared\WksCal.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXE
C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\deni\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com/?pc=DCJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [DropboxOEM] "C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe" auto
O4 - HKLM\..\Run: [AddressBookReminderApp] C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2015 Deluxe\ReminderApp.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Event Planner Reminder 2008.lnk = ?
O4 - Global Startup: Event Planner Reminder.lnk = C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2015 Deluxe\Planner\PLNRnote.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dell Click 2 Fix+ - Dell - C:\Program Files\Dell\Click 2 Fix+\srvc.exe
O23 - Service: Dell Data Services - Dell - C:\Program Files\Dell\Dell Data Services\DDSSvc.exe
O23 - Service: Dell Foundation Services - Dell - C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service (Intel(R) ME Service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9579 bytes


----------



## migolfergirl (Oct 17, 2006)

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by deni (administrator) on DENI-PC on 12-05-2015 20:32:38
Running from C:\Users\deni\Downloads
Loaded Profiles: deni (Available profiles: deni)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dell) C:\Program Files\Dell\Click 2 Fix+\srvc.exe
(Dell) C:\Program Files\Dell\Click 2 Fix+\cust.exe
(Dell) C:\Program Files\Dell\Dell Data Services\DDSSvc.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(TODO: <Company name>) C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2008 Deluxe\Planner\PLNRnote.exe
(Creative Home) C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2015 Deluxe\Planner\PLNRnote.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
(Microsoft® Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Works Shared\wkcalrem.exe
(Microsoft® Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Works Shared\WksCal.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-05-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-02-05] (Intel Corporation)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [8925184 2014-12-22] (Dell Inc.)
HKLM\...\Run: [DellCApp] => C:\Program Files\Dell\Click 2 Fix+\capp.exe -l
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-01] ()
HKLM-x32\...\Run: [AddressBookReminderApp] => C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2015 Deluxe\ReminderApp.exe
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4289309018-589893681-2597226705-1000\...\Winlogon: [Shell] - <==== ATTENTION 
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-12-22]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Planner Reminder 2008.lnk [2015-05-12]
ShortcutTarget: Event Planner Reminder 2008.lnk -> C:\Windows\Installer\{747A6A10-DA58-48C2-A1F0-C15514419C8A}\Shortcut_EventPlan_5D0DF1BBD82E4FB2B98E4FDE42EF7EBB.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Planner Reminder.lnk [2015-05-12]
ShortcutTarget: Event Planner Reminder.lnk -> C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2015 Deluxe\Planner\PLNRnote.exe (Creative Home)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk [2015-05-12]
ShortcutTarget: Microsoft Works Calendar Reminders.lnk -> C:\Windows\Installer\{5264E937-B015-11D2-8C0E-00C04FBBCFF9}\A12970B7.exe ()
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4289309018-589893681-2597226705-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-4289309018-589893681-2597226705-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-4289309018-589893681-2597226705-1000 -> DefaultScope {D087D92A-D0AF-48A3-A070-F01B1BDAFF36} URL = 
SearchScopes: HKU\S-1-5-21-4289309018-589893681-2597226705-1000 -> {D087D92A-D0AF-48A3-A070-F01B1BDAFF36} URL = 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\deni\AppData\Roaming\Mozilla\Firefox\Profiles\cnn9kzj6.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4289309018-589893681-2597226705-1000: @citrixonline.com/appdetectorplugin -> C:\Users\deni\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-12] (Citrix Online)

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Dell Click 2 Fix+; C:\Program Files\Dell\Click 2 Fix+\srvc.exe [105792 2015-03-27] (Dell)
R2 Dell Data Services; C:\Program Files\Dell\Dell Data Services\DDSSvc.exe [45936 2014-11-13] (Dell)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [75120 2015-03-04] (Dell)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-02-05] (Intel Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-01-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [224840 2013-05-10] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1921768 2014-07-02] (SoftThinks SAS)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-12-22] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6178304 2014-12-22] (Dell Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [172760 2014-12-22] (Broadcom Corporation.)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28656 2013-01-15] (Intel Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2015-05-12] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-12 20:32 - 2015-05-12 20:32 - 00012174 _____ () C:\Users\deni\Downloads\FRST.txt
2015-05-12 20:32 - 2015-05-12 20:32 - 00000000 ____D () C:\FRST
2015-05-12 20:31 - 2015-05-12 20:31 - 02102784 _____ (Farbar) C:\Users\deni\Downloads\FRST64.exe
2015-05-12 20:31 - 2015-05-12 20:31 - 02102784 _____ (Farbar) C:\Users\deni\Downloads\FRST64(1).exe
2015-05-12 20:31 - 2015-05-12 20:31 - 00001433 _____ () C:\Users\deni\Desktop\FRST64 - Shortcut.lnk
2015-05-12 19:41 - 2015-05-12 19:41 - 00509440 _____ (Tech Support Guy System) C:\Users\deni\Downloads\SysInfo.exe
2015-05-12 19:34 - 2015-05-12 19:34 - 00003120 _____ () C:\Windows\System32\Tasks\{40D89BE9-B224-4440-B7C0-612C0583251C}
2015-05-12 19:33 - 2015-05-12 19:34 - 00009580 _____ () C:\Users\deni\Downloads\hijackthis.log
2015-05-12 19:31 - 2015-05-12 19:31 - 00388608 _____ (Trend Micro Inc.) C:\Users\deni\Downloads\HiJackThis.exe
2015-05-12 19:25 - 2015-05-12 19:25 - 02204160 _____ () C:\Users\deni\Downloads\adwcleaner_4.203.exe
2015-05-12 19:25 - 2015-05-12 19:25 - 00000000 ____D () C:\AdwCleaner
2015-05-12 19:17 - 2015-05-12 19:18 - 00003456 _____ () C:\Windows\System32\Tasks\ProPCCleaner_Popup
2015-05-12 18:52 - 2015-05-12 18:52 - 00003192 _____ () C:\Windows\System32\Tasks\ProPCCleaner_Start
2015-05-12 18:52 - 2015-05-12 18:52 - 00000000 ____D () C:\Users\deni\AppData\Local\Pro_PC_Cleaner
2015-05-12 18:50 - 2015-05-12 18:51 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-05-12 18:48 - 2015-05-12 18:48 - 00670264 _____ () C:\Users\deni\Downloads\Setup(1).exe
2015-05-12 18:47 - 2015-05-12 19:19 - 00000000 ____D () C:\Users\deni\Documents\ProPCCleaner
2015-05-12 18:47 - 2015-05-12 18:47 - 00000064 _____ () C:\Users\deni\AppData\Local\287820c506664610beee1f1c94e948a2
2015-05-12 18:45 - 2015-05-12 18:45 - 17593008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-05-12 18:45 - 2015-05-12 18:45 - 00670264 _____ () C:\Users\deni\Downloads\Setup.exe
2015-05-12 18:34 - 2015-05-12 18:34 - 00000000 ____D () C:\Users\deni\AppData\Local\Macromedia
2015-05-12 18:31 - 2015-05-12 18:31 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-05-12 18:31 - 2015-05-12 18:31 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-05-12 18:31 - 2015-05-12 18:31 - 00002049 _____ () C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-05-12 18:31 - 2015-05-12 18:31 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-12 18:30 - 2015-05-12 18:33 - 00000000 ____D () C:\Users\deni\AppData\Local\Adobe
2015-05-12 17:50 - 2015-05-12 17:50 - 00000264 _____ () C:\Windows\SysWOW64\winsusrm.dll
2015-05-12 17:50 - 2015-05-12 17:50 - 00000000 ____D () C:\Windows\Sheriff_LicenseDB
2015-05-12 17:50 - 2015-05-12 17:50 - 00000000 ____D () C:\Users\deni\Documents\Migration Lost and Found
2015-05-12 17:31 - 2015-05-12 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Digital Image Suite 2006
2015-05-12 17:29 - 2015-05-12 17:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Digital Image 2006
2015-05-12 17:27 - 2015-05-12 17:27 - 00001755 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-05-12 17:27 - 2015-05-12 17:27 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Apple Computer
2015-05-12 17:27 - 2015-05-12 17:27 - 00000000 ____D () C:\Users\deni\AppData\Local\Apple Computer
2015-05-12 17:27 - 2015-05-12 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-12 17:27 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-05-12 17:26 - 2015-05-12 17:27 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-12 17:26 - 2015-05-12 17:27 - 00000000 ____D () C:\Program Files\iTunes
2015-05-12 17:26 - 2015-05-12 17:26 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\Users\deni\AppData\Local\Apple
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\Program Files\iPod
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-05-12 17:25 - 2015-05-12 17:26 - 00000000 ____D () C:\ProgramData\Apple
2015-05-12 17:25 - 2015-05-12 17:26 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-12 17:25 - 2015-05-12 17:25 - 00000000 ____D () C:\Program Files\Bonjour
2015-05-12 17:25 - 2015-05-12 17:25 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-05-12 17:24 - 2015-05-12 17:24 - 152362800 _____ (Apple Inc.) C:\Users\deni\Downloads\iTunes6464Setup.exe
2015-05-12 17:18 - 2015-05-12 17:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2015-05-12 17:14 - 2015-05-12 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-05-12 17:14 - 2015-05-12 17:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2015-05-12 17:13 - 2015-05-12 17:13 - 00000000 ____D () C:\Windows\PCHEALTH
2015-05-12 17:11 - 2015-05-12 17:18 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-12 17:11 - 2015-05-12 17:11 - 00000000 ____D () C:\Users\deni\AppData\Local\Microsoft Help
2015-05-12 17:11 - 2015-05-12 17:11 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-05-12 17:10 - 2015-05-12 17:10 - 00000000 __RHD () C:\MSOCache
2015-05-12 17:06 - 2015-05-12 17:06 - 00001848 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Greetings 2000.lnk
2015-05-12 17:06 - 2015-05-12 17:06 - 00001836 _____ () C:\Users\Public\Desktop\Microsoft Greetings 2000.lnk
2015-05-12 17:06 - 2015-05-12 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2015-05-12 17:06 - 2015-05-12 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Clip Gallery
2015-05-12 17:05 - 2015-05-12 17:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Home Publishing 2000
2015-05-12 16:53 - 2015-05-12 16:53 - 00000000 ____D () C:\Users\deni\AppData\Local\HCSShell
2015-05-12 16:53 - 2015-05-12 16:53 - 00000000 ____D () C:\Users\deni\AppData\Local\Creative Home
2015-05-12 16:53 - 2015-05-12 16:53 - 00000000 ____D () C:\Users\deni\AppData\Local\Avanquest North America
2015-05-12 16:50 - 2015-05-12 16:50 - 00185664 _____ (Dell) C:\Users\deni\Downloads\cutil.exe
2015-05-12 16:39 - 2015-05-12 16:52 - 00002444 _____ () C:\Users\Public\Desktop\Hallmark Card Studio 2015 Deluxe.lnk
2015-05-12 16:39 - 2015-05-12 16:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2015-05-12 16:39 - 2015-05-12 16:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-05-12 15:22 - 2015-05-12 15:22 - 00002444 _____ () C:\Users\Public\Desktop\Hallmark Card Studio 2011 Deluxe.lnk
2015-05-12 15:01 - 2015-05-12 15:01 - 00000000 ____D () C:\Users\deni\AppData\Roaming\PCDr
2015-05-12 14:59 - 2015-05-12 14:59 - 11305624 _____ (Dell Inc.) C:\Users\deni\Downloads\XPS-8700_Chipset_Driver_21Y1M_WN_9.4.0.1016_A00.EXE
2015-05-12 14:58 - 2015-05-12 14:58 - 60349104 _____ (Dell Inc.) C:\Users\deni\Downloads\XPS-8700_Chipset_Driver_Y22PK_WN_9.0.0.1310_A00.EXE
2015-05-12 14:58 - 2015-05-12 14:58 - 00000000 ____D () C:\Users\deni\AppData\Local\softthinks
2015-05-12 14:58 - 2015-05-12 14:58 - 00000000 ____D () C:\ProgramData\softthinks
2015-05-12 14:58 - 2014-08-12 20:19 - 00000113 ____H () C:\DBAR_Ver.txt
2015-05-12 14:58 - 2013-01-24 06:57 - 00064624 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2015-05-12 14:56 - 2015-05-12 14:56 - 20595384 _____ (Dell Inc.) C:\Users\deni\Downloads\XPS-8700_Chipset_Driver_F81X8_WN_2.5.0.19_A02.EXE
2015-05-12 14:52 - 2015-05-12 14:52 - 00000000 ____D () C:\Users\deni\AppData\Roaming\DropboxOEM
2015-05-12 14:48 - 2015-05-12 14:48 - 00031152 _____ () C:\Windows\system32\Drivers\pmxdrv.sys
2015-05-12 14:47 - 2015-05-12 14:47 - 13942144 _____ () C:\Users\deni\Downloads\XPS_8700_BIOS_A10.EXE
2015-05-12 14:43 - 2015-05-12 14:43 - 00001806 _____ () C:\Users\Public\Desktop\Dell Click 2 Fix+.lnk
2015-05-12 14:43 - 2015-05-12 14:43 - 00000062 _____ () C:\SerialNumber.txt
2015-05-12 14:43 - 2015-05-12 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Click 2 Fix+
2015-05-12 14:39 - 2015-05-12 14:39 - 00000000 ____D () C:\ProgramData\Citrix
2015-05-12 14:39 - 2015-05-12 14:39 - 00000000 ____D () C:\Program Files (x86)\Citrix
2015-05-12 14:38 - 2015-05-12 18:50 - 00000000 ____D () C:\Users\deni\AppData\Local\Citrix
2015-05-12 14:14 - 2015-05-12 14:14 - 00002270 _____ () C:\Users\Public\Desktop\Hallmark Card Studio 2006.lnk
2015-05-12 14:14 - 2015-05-12 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative Home
2015-05-12 13:51 - 2015-05-12 14:01 - 00000000 ____D () C:\ProgramData\Creative Home
2015-05-12 13:51 - 2015-05-12 13:51 - 00000027 _____ () C:\Users\deni\Documents\Hallmark Card Studio 2008.txt
2015-05-12 13:50 - 2015-05-12 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hallmark
2015-05-12 13:50 - 2015-05-12 13:50 - 00002787 _____ () C:\Users\Public\Desktop\Hallmark Card Studio 2008 Deluxe.lnk
2015-05-12 13:46 - 2015-05-12 16:18 - 00000000 ____D () C:\Program Files (x86)\Creative Home
2015-05-12 13:42 - 2015-05-12 13:42 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-12 13:42 - 2015-05-12 13:42 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-12 13:42 - 2015-05-12 13:42 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Mozilla
2015-05-12 13:42 - 2015-05-12 13:42 - 00000000 ____D () C:\Users\deni\AppData\Local\Mozilla
2015-05-12 13:42 - 2015-05-12 13:42 - 00000000 ____D () C:\ProgramData\Mozilla
2015-05-12 13:42 - 2015-05-12 13:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-12 13:42 - 2015-05-12 13:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-12 13:41 - 2015-05-12 13:41 - 00000000 __SHD () C:\Users\deni\AppData\Local\EmieUserList
2015-05-12 13:41 - 2015-05-12 13:41 - 00000000 __SHD () C:\Users\deni\AppData\Local\EmieSiteList
2015-05-12 13:34 - 2015-05-12 15:02 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-05-12 13:34 - 2015-05-12 13:34 - 00003980 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-05-12 13:34 - 2015-05-12 13:34 - 00003192 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-05-12 13:34 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\deni\Documents\Bluetooth Exchange Folder
2015-05-12 13:34 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Intel Corporation
2015-05-12 13:34 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Dell
2015-05-12 13:34 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\deni\AppData\Local\DropboxOEM
2015-05-12 13:34 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\deni\AppData\Local\Broadcom
2015-05-12 13:33 - 2015-05-12 14:52 - 00000000 ____D () C:\Users\deni\AppData\Local\VirtualStore
2015-05-12 13:33 - 2015-05-12 13:33 - 00001415 _____ () C:\Users\deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-12 13:31 - 2015-05-12 13:31 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Macromedia
2015-05-12 13:31 - 2015-05-12 13:31 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Adobe
2015-05-12 13:31 - 2014-05-14 09:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-05-12 13:31 - 2014-05-14 09:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-05-12 13:31 - 2014-05-14 09:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-05-12 13:31 - 2014-05-14 09:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-05-12 13:30 - 2015-05-12 17:34 - 00160856 _____ () C:\Users\deni\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-12 13:30 - 2015-05-12 13:30 - 00001975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
2015-05-12 13:30 - 2015-05-12 13:30 - 00000020 ___SH () C:\Users\deni\ntuser.ini
2015-05-12 13:30 - 2014-05-14 09:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-05-12 13:30 - 2014-05-14 09:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-05-12 13:30 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-05-12 13:30 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-05-12 13:30 - 2014-05-14 09:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-05-12 13:30 - 2014-05-14 09:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-05-12 13:30 - 2014-05-14 09:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-05-12 13:30 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-05-12 13:30 - 2014-05-14 09:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-05-12 13:30 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-05-12 13:30 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-12 13:30 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-12 13:29 - 2015-05-12 13:33 - 00000000 ____D () C:\Users\deni

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-12 19:45 - 2014-12-22 02:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-12 19:27 - 2014-12-22 05:52 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-12 19:21 - 2009-07-13 21:45 - 00020496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-12 19:21 - 2009-07-13 21:45 - 00020496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-12 19:20 - 2014-12-22 05:52 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2015-05-12 19:19 - 2014-12-22 05:36 - 00434868 _____ () C:\Windows\WindowsUpdate.log
2015-05-12 19:18 - 2009-07-13 22:13 - 00781540 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-12 19:13 - 2014-12-22 05:53 - 00000000 ____D () C:\ProgramData\McAfee
2015-05-12 19:13 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-12 19:13 - 2009-07-13 21:51 - 00041917 _____ () C:\Windows\setupact.log
2015-05-12 19:12 - 2010-11-20 20:47 - 00165352 _____ () C:\Windows\PFRO.log
2015-05-12 19:12 - 2009-07-13 21:45 - 00519336 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-12 18:45 - 2014-12-22 02:02 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-12 18:45 - 2014-12-22 02:02 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-12 18:45 - 2014-12-22 02:02 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-12 18:45 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Resources
2015-05-12 17:18 - 2010-11-21 00:17 - 00000000 ____D () C:\Windows\ShellNew
2015-05-12 17:16 - 2009-07-13 19:34 - 00000478 _____ () C:\Windows\win.ini
2015-05-12 17:13 - 2014-12-22 05:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-05-12 17:12 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-12 17:06 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Help
2015-05-12 15:54 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2015-05-12 15:03 - 2014-12-22 05:49 - 00000000 ____D () C:\Program Files\Dell
2015-05-12 15:02 - 2014-12-22 05:50 - 00000000 ____D () C:\ProgramData\PCDr
2015-05-12 14:58 - 2014-12-22 06:00 - 00009730 _____ () C:\Windows\SysWOW64\Gms.log
2015-05-12 14:57 - 2014-12-22 05:59 - 00000000 ____D () C:\ProgramData\Dell
2015-05-12 14:50 - 2011-02-10 07:25 - 00000000 ____D () C:\dell
2015-05-12 13:35 - 2014-12-22 05:44 - 00003718 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-05-12 13:35 - 2014-12-22 05:42 - 00000000 ____D () C:\ProgramData\Intel
2015-05-12 13:29 - 2009-07-13 20:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-12 13:14 - 2011-02-10 07:25 - 00000000 ____D () C:\Windows\panther

==================== Files in the root of some directories =======

2015-05-12 18:47 - 2015-05-12 18:47 - 0000064 _____ () C:\Users\deni\AppData\Local\287820c506664610beee1f1c94e948a2

Some content of TEMP:
====================
C:\Users\deni\AppData\Local\Temp\0021401431482480mcinst.exe
C:\Users\deni\AppData\Local\Temp\ose00000.exe
C:\Users\deni\AppData\Local\Temp\Quarantine.exe
C:\Users\deni\AppData\Local\Temp\SpOrder.dll
C:\Users\deni\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-12 15:47

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2015
Ran by deni at 2015-05-12 20:32:58
Running from C:\Users\deni\Downloads
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-4289309018-589893681-2597226705-500 - Administrator - Disabled)
deni (S-1-5-21-4289309018-589893681-2597226705-1000 - Administrator - Enabled) => C:\Users\deni
Guest (S-1-5-21-4289309018-589893681-2597226705-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4289309018-589893681-2597226705-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.)
Dell Click 2 Fix+ (HKLM\...\Dell Click 2 Fix+_is1) (Version: 2.004.032.2554.03 - Dell)
Dell Data Services (HKLM\...\{90F9BFC9-A2A9-403F-9A40-1063FAD035BA}) (Version: 1.1.6.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Foundation Services (HKLM\...\{76966FD2-4189-41F1-9CF6-9D177B4DEC97}) (Version: 2.0.42.1 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
DSC/AA Factory Installer (Version: 3.5.6426.22 - PC-Doctor, Inc.) Hidden
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.30.223.228 - Dell Inc.)
Hallmark Card Studio 2006 Deluxe (HKLM-x32\...\{3B901CB2-9DAF-43FC-BDD2-4149AF19381C}) (Version: 7.0.0.15 - Creative Home)
Hallmark Card Studio 2008 Deluxe (HKLM-x32\...\{747A6A10-DA58-48C2-A1F0-C15514419C8A}) (Version: 9.0.0.9 - Creative Home)
Hallmark Card Studio 2011 Deluxe (HKLM-x32\...\{62687EAC-F27D-49AC-A0E2-3899B0459113}) (Version: 12.0.1.7 - Hallmark Software)
Hallmark Card Studio 2015 Deluxe (HKLM-x32\...\{F2117332-1A36-4D3B-854D-A8D10735B4DF}) (Version: 16.0.0.10 - Creative Home)
Intel(R) Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.2.1001 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{AD6B46F2-FE21-496F-BE90-BE19AABE353C}) (Version: 2.2.12 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Digital Image Suite 2006 (HKLM-x32\...\PictureItSuite_v11) (Version: 11.0.0422 - Microsoft Corporation)
Microsoft Greetings 2000 (HKLM-x32\...\{5264E937-B015-11D2-8C0E-00C04FBBCFF9}) (Version: 4.0.0000 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 38.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0 (x86 en-US)) (Version: 38.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0 - Mozilla)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5600 - Broadcom Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

12-05-2015 13:30:02 Windows Update
12-05-2015 13:45:53 Installed Hallmark Card Studio 2008 Deluxe.
12-05-2015 13:54:23 Installed Hallmark Card Studio 2006 Deluxe
12-05-2015 14:43:15 Pre Install Click 2 Fix+ restore point
12-05-2015 15:12:36 Installed Hallmark Card Studio 2011 Deluxe.
12-05-2015 16:03:39 Installed Hallmark Card Studio 2015 Deluxe.
12-05-2015 16:18:00 Installed Hallmark Card Studio 2015 Deluxe.
12-05-2015 17:04:53 Installed Microsoft Greetings 2000
12-05-2015 17:10:44 Installed Microsoft Office Professional 2007
12-05-2015 17:15:26 Configured Microsoft Office Professional 2007
12-05-2015 17:26:06 Installed iTunes
12-05-2015 17:28:48 Installed Microsoft Digital Image Suite 2006 Editor
12-05-2015 17:31:59 Installed Microsoft Digital Image Suite 2006 Library
12-05-2015 17:46:42 Installed IntelliMover
12-05-2015 18:50:34 Removed Citrix Online Launcher
12-05-2015 18:51:28 Removed IntelliMover
12-05-2015 19:16:57 Removed UpdateAdmin

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2015-03-27 14:56 - 00000732 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {07C7F4D4-5654-42CA-8125-A495220FCA83} - System32\Tasks\{40D89BE9-B224-4440-B7C0-612C0583251C} => pcalua.exe -a C:\Users\deni\Downloads\HiJackThis.exe -d C:\Users\deni\Downloads
Task: {2C54E981-DF5B-4F18-B2C1-4DB2F462113A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-01-16] ()
Task: {33DBC4FE-DBA9-481F-BB68-BF12C6E5B5F2} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe <==== ATTENTION
Task: {35F7FF4A-55EF-4951-B7F1-6E342BD989B6} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {4B6E0074-A2D3-480C-AB2C-4543DC3C9302} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION
Task: {55CBAC55-5E88-42AC-89C7-7F422EC660D4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {A557D1BC-F1AA-485C-95AD-33CC345CF22E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B04C8213-1A3D-452D-BAE2-83EBA2C7117A} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {CC904ACC-6D59-473E-88DE-5BBEA649E4BB} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {DCEE23FE-231D-49CC-8676-7DEEC36B89A1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-12] (Adobe Systems Incorporated)
Task: {FDB48244-E14A-4BA1-97AE-75C724E0A044} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-01-16] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2014-12-22 05:36 - 2014-01-07 17:48 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-12 14:43 - 2015-03-27 16:25 - 00925056 _____ () C:\Program Files\Dell\Click 2 Fix+\sqlite3.dll
2015-05-12 14:43 - 2015-03-27 16:23 - 00107328 _____ () C:\Program Files\Dell\Click 2 Fix+\nfapi.dll
2015-05-12 14:43 - 2015-03-27 16:24 - 00533336 _____ () C:\Program Files\Dell\Click 2 Fix+\ProtocolFilters.dll
2015-03-04 15:39 - 2015-03-04 15:39 - 00074168 _____ () C:\Program Files\Dell\Dell Foundation Services\Dell.Notification.Agent.Plugins.SinkEngine.dll
2015-03-04 15:39 - 2015-03-04 15:39 - 00045480 _____ () C:\Program Files\Dell\Dell Foundation Services\Dell.Notification.SinkEngine.Common.dll
2015-03-04 15:39 - 2015-03-04 15:39 - 00036280 _____ () C:\Program Files\Dell\Dell Foundation Services\Dell.Notification.SinkEngine.Configuration.dll
2014-12-22 05:52 - 2014-06-04 00:02 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2014-12-22 05:52 - 2014-06-04 00:02 - 00019744 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2014-12-22 05:52 - 2014-06-04 00:03 - 00035104 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRShellExtension.dll
2014-09-01 20:40 - 2014-09-01 20:40 - 00462160 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
2014-12-22 05:52 - 2014-07-02 06:55 - 00487144 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2014-04-09 23:30 - 2014-04-09 23:30 - 00134664 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2015-05-12 14:58 - 2013-01-24 06:57 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-09-01 20:40 - 2014-09-01 20:40 - 00214352 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\Ledger.dll
2014-09-01 20:40 - 2014-09-01 20:40 - 00114000 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\zlib1.dll
2014-12-22 05:52 - 2014-07-30 02:37 - 01906464 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2014-12-22 05:52 - 2012-11-25 08:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2014-12-22 05:52 - 2012-11-25 08:19 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
2015-05-12 18:33 - 2015-05-12 18:33 - 16867504 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "DisplayName"="Dell"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "ErrorControl"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "ImagePath"="C:\Program Files\Dell\Click 2 Fix+\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "ObjectName"="LocalSystem"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "Start"="2"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "Type"="272"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+\Parameters => "Application"="C:\Program Files\Dell\Click 2 Fix+\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+\Parameters => "AppParameters"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

HKU\S-1-5-21-4289309018-589893681-2597226705-1000\Software\Classes\.exe: => <===== ATTENTION!

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4289309018-589893681-2597226705-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\deni\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{0E5EA1AD-20D7-432B-B810-8FBAC6C53CE3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FC4D6D66-9B02-4A92-8DE9-7924308F2665}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2871E918-E8A5-4B1D-A07E-CF668CB7EC4D}] => (Allow) C:\Program Files\Dell\Click 2 Fix+\cust.exe
FirewallRules: [{A020AA5F-BFFB-45A6-A826-2CCF06B7F7D3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{831FA807-C5AF-4632-AADD-4B1D8E6D027F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{44EF1F9F-4D1C-4A42-9BC5-10C0503DEB3B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{08B4D39D-2472-46C0-A45F-42B38B654330}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F99AC4B2-2001-41FF-972D-DE7A09FCB87F}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (05/12/2015 07:19:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program ProPCCleaner.exe version 2.6.1.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 17b4

Start Time: 01d08d23290c212c

Termination Time: 16

Application Path: C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe

Report Id:

Error: (05/12/2015 07:14:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/12/2015 05:28:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TOASTER.EXE, version: 1.0.1.229, time stamp: 0x538dde51
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x0003332f
Faulting process id: 0x1410
Faulting application start time: 0xTOASTER.EXE0
Faulting application path: TOASTER.EXE1
Faulting module path: TOASTER.EXE2
Report Id: TOASTER.EXE3

Error: (05/12/2015 05:28:36 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: TOASTER.EXE
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 7708332F

Error: (05/12/2015 05:21:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/12/2015 04:52:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: cutil.exe, version: 1.0.0.1, time stamp: 0x5515298e
Faulting module name: cutil.exe, version: 1.0.0.1, time stamp: 0x5515298e
Exception code: 0xc0000005
Fault offset: 0x000000000001b033
Faulting process id: 0x238
Faulting application start time: 0xcutil.exe0
Faulting application path: cutil.exe1
Faulting module path: cutil.exe2
Report Id: cutil.exe3

Error: (05/12/2015 04:52:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: cutil.exe, version: 1.0.0.1, time stamp: 0x5515298e
Faulting module name: cutil.exe, version: 1.0.0.1, time stamp: 0x5515298e
Exception code: 0xc0000005
Fault offset: 0x000000000001b033
Faulting process id: 0xdfc
Faulting application start time: 0xcutil.exe0
Faulting application path: cutil.exe1
Faulting module path: cutil.exe2
Report Id: cutil.exe3

Error: (05/12/2015 04:13:04 PM) (Source: MsiInstaller) (EventID: 11500) (User: deni-PC)
Description: Product: Hallmark Card Studio 2015 Deluxe -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.

Error: (05/12/2015 04:13:02 PM) (Source: MsiInstaller) (EventID: 11500) (User: deni-PC)
Description: Product: Hallmark Card Studio 2015 Deluxe -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.

Error: (05/12/2015 04:13:02 PM) (Source: MsiInstaller) (EventID: 11500) (User: deni-PC)
Description: Product: Hallmark Card Studio 2015 Deluxe -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.

System errors:
=============
Error: (05/12/2015 07:12:14 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.

Error: (05/12/2015 07:12:14 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.

Error: (05/12/2015 07:12:14 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (05/12/2015 07:12:14 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (05/12/2015 07:01:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (05/12/2015 06:50:04 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {79701C41-C345-47EC-B57C-02C39A698A0D}

Error: (05/12/2015 05:19:11 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (05/12/2015 05:19:11 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.

Error: (05/12/2015 05:19:11 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.

Error: (05/12/2015 05:19:11 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 27%
Total physical RAM: 8143.22 MB
Available physical RAM: 5891.92 MB
Total Pagefile: 16284.63 MB
Available Pagefile: 13619.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:919.74 GB) (Free:853.32 GB) NTFS
Drive y: (RECOVERY) (Fixed) (Total:11.73 GB) (Free:3.72 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 5498EDD3)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=11.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=919.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================


----------



## JSntgRvr (Jul 1, 2003)

Welcome. 

Please download the attached file and save it in the same directory as *FRST*.

Start *FRST* with Administrator privileges.
Press the *Fix* button.
When finished, a log file (*Fixlog.txt*) pops up and is saved to the same location the tool was run from.
Please copy and paste its contents in your next reply.








Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Download AdwCleaner from *here*. Save the file to the desktop.

*NOTE:* If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

*Close all open windows and browsers.*

*XP users:* Double click the *AdwCleaner* icon to start the program.
*Vista/7/8 users:* Right click the *AdwCleaner* icon on the desktop, click *Run as administrator* and accept the UAC prompt to run AdwCleaner.
You will see the following console:










Click the *Scan* button and wait for the scan to finish.
After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: *Pending. Please uncheck elements you don't want to remove.*
Click the *Clean* button.
*Everything checked* will be deleted.
When the program has finished cleaning a report appears.Once done it will ask to reboot, allow this










On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to *C:\AdwCleaner\AdwCleaner[S0].txt*








Please download *Malwarebytes Anti-Malware* to your desktop

Double-click *mbam-setup-version.exe* and follow the prompts to install the program.
At the end, be sure a check-mark is placed next to the following:
*Enable free trial of Malwarebytes Anti-Malware Premium*
*Launch Malwarebytes Anti-Malware*

Then click *Finish*.
If an update is found, you will be prompted to download and install the latest version.
Once the program has loaded, select *Scan now*. Or select the *Threat Scan* from the Scan menu.
When the scan is complete , make sure that *everything* is set to "Quarantine", and click *Apply Actions*.
Reboot your computer if prompted.
Extra Note:

*If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.*

The log is available throughout History ->Application logs. Please post it contents in your next reply.


----------



## migolfergirl (Oct 17, 2006)

I hope this is alright with you. The brand, spanking new, just-out-of-the-box computer is actually OK....I THINK. I had the bright idea to just roll it back to just before I downloaded the ugly mess. It completed the restore just fine.

I tried that on this old, tired machine, and it did not restore. I am just barely able to get it work. It's running really slow, and one of the programs that is messed up is Firefox (it opens with some strange search engine called Cassieopea, or something similar.), and I can't even get it to remove the program in Control Panel. (???) So my thought is that I need to deep clean this old machine first, then check the new machine and make sure I'm safe to transfer files from this old dog to the newbie.

Will you hang with me and help me do this? (Pleeeze???)

Here is the info on this one, and I will attempt to run the tests on this old dog.

THANK YOU doesn't begin to cover my appreciation and gratitude!


----------



## migolfergirl (Oct 17, 2006)

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 32 bit
Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz, x64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 3036 Mb
Graphics Card: Intel(R) G45/G43 Express Chipset, 1294 Mb
Hard Drives: C: Total - 223377 MB, Free - 48670 MB;
Motherboard: Dell Inc., 0JJW8N
Antivirus: avast! Antivirus, Updated and Enabled


----------



## migolfergirl (Oct 17, 2006)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.0 (05.09.2015:1)
OS: Windows 7 Professional x86
Ran by Deni on Wed 05/13/2015 at 11:30:17.16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81FA428925F22ACB3A965
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09F45BAFAAE1D7546ED4
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050B2E46B9C4B67A8F59577
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606D43BB064BD63CBD87E
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28C944FBC7579CF4949414
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3DC1468548785DC856EDA
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8D249B526503432F99D4
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4BA46856BF57969F6A36
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56C49B56F6B83E293C15
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927C4E9B7BC1D3FD1E49F
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327DC64C9A8B641A9E89646

~~~ Files

~~~ Folders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 05/13/2015 at 11:32:58.45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


----------



## migolfergirl (Oct 17, 2006)

I can't run AdwCleaner. I keep getting a box with this in it: (the generic search starts, and then this box pops up: AutoIt Error Line 15809 (File "C:\Users\Deni\Downloads\adwcleaner_4.204 (1).exe"):
Error: Subscript used on non-accessible variable.

I press OK, and the whole thing disappears and I'm back to my desktop. I've tried to launch it 3 or 4 times with same result.

:-(


----------



## JSntgRvr (Jul 1, 2003)

Skip AdwCleaner and continue.


----------



## migolfergirl (Oct 17, 2006)

OK....
I'll be right back with results...


----------



## migolfergirl (Oct 17, 2006)

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/13/2015
Scan Time: 12:09:25 PM
Logfile: MBAM 5.13.txt
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.05.13.05
Rootkit Database: v2015.04.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Deni

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 427210
Time Elapsed: 41 min, 21 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.SuperOptimizer.A, C:\ProgramData\{93106154-6ebc-3f46-9310-061546eb8551}, Quarantined, [81a8e6ad3753043236b447246d989e62],

Files: 5
PUP.Optional.SuperOptimizer.A, C:\ProgramData\{93106154-6ebc-3f46-9310-061546eb8551}\hqghumeaylnlf.dat, Quarantined, [81a8e6ad3753043236b447246d989e62], 
PUP.Optional.SuperOptimizer.A, C:\ProgramData\{93106154-6ebc-3f46-9310-061546eb8551}\25766a3c44aed7ec, Quarantined, [81a8e6ad3753043236b447246d989e62], 
PUP.Optional.SuperOptimizer.A, C:\ProgramData\{93106154-6ebc-3f46-9310-061546eb8551}\25766a3c44aed7ec.lock, Quarantined, [81a8e6ad3753043236b447246d989e62], 
PUP.Optional.SuperOptimizer.A, C:\ProgramData\{93106154-6ebc-3f46-9310-061546eb8551}\e88bcc69637a3038, Quarantined, [81a8e6ad3753043236b447246d989e62], 
PUP.Optional.SuperOptimizer.A, C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk, Quarantined, [e544c9ca55350630be2e1a513dc811ef],

Physical Sectors: 0
(No malicious items detected)

(end)


----------



## migolfergirl (Oct 17, 2006)

I'm nervous about not getting AdwCleaner to run....

Now what??


----------



## JSntgRvr (Jul 1, 2003)

Re-scan with FRST and post the *FRST.txt *(Main.txt) and the *Addiion.txt* logs


----------



## migolfergirl (Oct 17, 2006)

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-05-2015 01
Ran by Deni (administrator) on NEWFAMCOMP on 13-05-2015 18:17:40
Running from C:\Users\Deni\Desktop
Loaded Profiles: Deni (Available profiles: Deni & Guest)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Hewlett-Packard Company) C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Livescribe) C:\Program Files\Common Files\Livescribe\PenComm\PenCommService.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Program Files\Creative Home\Hallmark Card Studio 2011 Deluxe\HCS.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Contacts\wlcomm.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-01-20] (Apple Inc.)
HKLM\...\Run: [WD Drive Manager] => C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [430080 2008-05-16] (WDC)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7514656 2009-05-23] (Realtek Semiconductor)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\Update\realsched.exe [296520 2014-12-04] (RealNetworks, Inc.)
HKLM\...\Run: [RealDownloader] => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] ()
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-01-27] (Apple Inc.)
HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\...\Run: [TWC.Win7] => C:\Program Files\The Weather Channel\Desktop Weather\TWC.Win7.exe
HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\...\Run: [C:/Program Files/Media Freeware/Free Youtube To MP4 Converter/Free Youtube To MP4 Converter.exe] => C:\Program Files\Media Freeware\Free Youtube To MP4 Converter\Free Youtube To MP4 Converter.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk [2012-03-27]
ShortcutTarget: Microsoft Works Calendar Reminders.lnk -> C:\Windows\Installer\{5264E937-B015-11D2-8C0E-00C04FBBCFF9}\A12970B7.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk [2014-12-04]
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-26]
ShortcutTarget: Dropbox.lnk -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-04-25] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM -> {9B21041F-37E4-49AF-B708-75DD245BEB5A} URL = http://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-27] (RealDownloader)
BHO: avast! EasyPass Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files\Siber Systems\AI RoboForm\roboform.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-23] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.)
Toolbar: HKLM - avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Deni\AppData\Roaming\Mozilla\Firefox\Profiles\50f30f2v.default-1400260260566
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Cassiopesa
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-09] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-08-22] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-03-09] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=17.0.15.10 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2014-12-04] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-27] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=17.0.15.10 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-12-04] (RealPlayer Cloud)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2011-04-08] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2014-12-04] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-02-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-02-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-02-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-02-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-02-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2014-12-04] (RealPlayer Cloud)
FF SearchPlugin: C:\Users\Deni\AppData\Roaming\Mozilla\Firefox\Profiles\50f30f2v.default-1400260260566\searchplugins\cassiopesa.xml [2015-05-12]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-18]
FF HKLM\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files\Siber Systems\AI RoboForm\Firefox
FF Extension: avast! EasyPass Toolbar for Firefox - C:\Program Files\Siber Systems\AI RoboForm\Firefox [2013-02-16]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-08-13]
FF HKLM\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-12-04]
FF HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-04-24]

Chrome: 
=======
CHR Profile: C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-01]
CHR Extension: (No Name) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-12]
CHR Extension: (Google Wallet) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-29]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-23]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-25] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-04-25] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-04-25] (Avast Software)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PenCommService; C:\Program Files\Common Files\Livescribe\PenComm\PenCommService.exe [470528 2012-11-05] (Livescribe) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
S2 RealPlayer Cloud Service; C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2014-12-04] (RealNetworks, Inc.)
S2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
S2 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [102400 2008-05-16] (WDC) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-04-25] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26096 2015-04-25] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-04-25] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [271248 2015-04-25] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-04-25] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-04-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-04-25] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-04-25] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-04-25] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-04-25] ()
S3 JRAID; C:\Windows\system32\DRIVERS\jraid.sys [89048 2009-05-21] (JMicron Technology Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-05-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
S3 PulseUsb; C:\Windows\System32\DRIVERS\PulseUsb.sys [20480 2012-11-05] (Windows (R) Win 7 DDK provider) [File not signed]
S3 rcmirror; C:\Windows\System32\DRIVERS\rcmirror.sys [3328 2008-10-08] (Windows (R) Codename Longhorn DDK provider)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-03-28] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-04-25] (Avast Software)
R3 Wdm1; C:\Windows\System32\Drivers\usbbc.sys [15576 2003-07-01] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-13 18:17 - 2015-05-13 18:17 - 00019491 _____ () C:\Users\Deni\Desktop\FRST.txt
2015-05-13 18:17 - 2015-05-13 18:17 - 00000000 ____D () C:\Users\Deni\Desktop\FRST-OlderVersion
2015-05-13 13:51 - 2015-05-13 13:51 - 01307590 _____ () C:\Users\Deni\Documents\Thank bottom of my butt.hmk
2015-05-13 11:30 - 2015-05-13 11:30 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-NEWFAMCOMP-Windows-7-Professional-(32-bit).dat
2015-05-13 11:25 - 2015-05-13 11:28 - 00000000 ____D () C:\Users\Deni\AppData\Local\AvastSupport
2015-05-12 23:11 - 2015-04-25 11:33 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-12 22:57 - 2015-05-12 22:57 - 00000000 ____D () C:\RegBackup
2015-05-12 20:56 - 2015-05-12 20:56 - 00000000 ____D () C:\ProgramData\f04b3c000005f06
2015-05-12 19:02 - 2015-05-12 23:05 - 00000000 ____D () C:\Users\Deni\AppData\Local\fiso
2015-05-12 18:47 - 2015-05-12 23:05 - 00000000 ____D () C:\Program Files\user extensions
2015-05-12 18:47 - 2015-05-12 18:47 - 00000064 _____ () C:\Users\Deni\AppData\Local\9aff5a1a12d9faf30fb9a5b935a39c40
2015-05-12 12:40 - 2015-05-12 12:40 - 01819136 _____ () C:\Users\Deni\Downloads\SQLServerCE31-EN.msi
2015-05-12 12:40 - 2015-05-12 12:40 - 01819136 _____ () C:\Users\Deni\Downloads\SQLServerCE31-EN(1).msi
2015-05-07 14:23 - 2015-05-07 14:23 - 01124072 _____ (Adobe Systems Incorporated) C:\Users\Deni\Downloads\readerdc_en_ha_install.exe
2015-05-07 13:34 - 2015-05-07 13:34 - 00008213 _____ () C:\Users\Deni\Documents\cher.aspx
2015-04-27 10:45 - 2015-04-27 10:45 - 00151552 _____ () C:\Users\Deni\Documents\Half envelope DOGWOOD w add.php
2015-04-27 10:23 - 2015-04-27 10:23 - 00903010 _____ () C:\Users\Deni\Documents\Thinking of you barlow.hmk
2015-04-25 11:33 - 2015-04-25 11:33 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-25 11:32 - 2015-04-25 11:32 - 00271248 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-04-24 13:58 - 2015-05-13 15:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-13 18:17 - 2014-08-23 15:28 - 01144320 _____ (Farbar) C:\Users\Deni\Desktop\FRST.exe
2015-05-13 18:17 - 2014-05-12 01:56 - 00000000 ____D () C:\FRST
2015-05-13 18:01 - 2010-02-05 16:15 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-13 15:05 - 2010-03-24 12:05 - 00001071 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-13 14:04 - 2015-03-25 16:36 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-13 13:57 - 2014-08-26 13:30 - 00750080 _____ () C:\Users\Deni\Documents\Half env DECKEDOUT GIRL add.php
2015-05-13 13:35 - 2014-04-23 17:35 - 00000027 _____ () C:\Users\Deni\Documents\Hallmark Card Studio 2008.txt
2015-05-13 13:01 - 2010-02-05 16:15 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-13 12:17 - 2009-07-13 21:55 - 01593726 _____ () C:\Windows\WindowsUpdate.log
2015-05-13 11:59 - 2009-11-18 18:43 - 00000000 ____D () C:\Users\Deni\Documents\TRAVEL
2015-05-13 11:45 - 2014-06-17 11:06 - 00000000 ____D () C:\AdwCleaner
2015-05-13 11:38 - 2009-07-13 21:34 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-13 11:38 - 2009-07-13 21:34 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-13 11:01 - 2013-04-09 13:35 - 00000000 ___RD () C:\Users\Deni\Dropbox
2015-05-13 11:01 - 2013-04-09 13:34 - 00000000 ____D () C:\Users\Deni\AppData\Roaming\Dropbox
2015-05-13 10:59 - 2014-10-27 14:07 - 00005927 _____ () C:\Windows\setupact.log
2015-05-13 10:59 - 2009-07-13 21:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-13 10:58 - 2009-10-29 18:33 - 01480206 _____ () C:\Windows\PFRO.log
2015-05-13 10:50 - 2013-04-09 13:35 - 00001020 _____ () C:\Users\Deni\Desktop\Dropbox.lnk
2015-05-13 10:50 - 2013-04-09 13:34 - 00000000 ____D () C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-12 23:58 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\rescache
2015-05-12 23:55 - 2009-11-16 14:25 - 00000000 ____D () C:\Users\Deni
2015-05-12 23:15 - 2014-11-13 12:24 - 00002025 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2015-05-12 23:15 - 2014-11-13 12:24 - 00001965 _____ () C:\Users\Public\Desktop\Avast Internet Security.lnk
2015-05-12 23:15 - 2014-11-13 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-12 23:05 - 2015-03-25 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-12 23:05 - 2014-08-23 16:30 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-05-12 23:05 - 2012-06-23 09:56 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-12 23:05 - 2011-01-13 11:02 - 00000000 ____D () C:\Users\Guest
2015-05-12 23:05 - 2009-11-18 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IntelliMover
2015-05-12 23:05 - 2009-11-18 10:16 - 00000000 ____D () C:\Program Files\IntelliMover
2015-05-12 23:05 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-05-12 23:05 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-12 23:05 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\registration
2015-05-12 18:26 - 2014-09-05 10:24 - 00000000 ____D () C:\Users\Deni\AppData\Local\Adobe
2015-05-12 18:21 - 2006-07-31 08:31 - 00000171 _____ () C:\Users\Deni\default.pls
2015-05-12 16:03 - 2009-11-18 18:21 - 00000000 ____D () C:\Users\Deni\Documents\House and Garden SERVICES
2015-05-12 16:01 - 2006-06-21 13:58 - 00001198 _____ () C:\Users\Deni\Desktop\Wireless Network Info.txt
2015-05-12 12:41 - 2009-10-29 16:44 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2015-05-07 11:16 - 2010-09-27 12:04 - 00002091 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-27 10:33 - 2006-05-24 23:05 - 02302976 ___SH () C:\Users\Deni\Documents\Thumbs.db
2015-04-27 10:28 - 2012-12-19 21:15 - 00020670 _____ () C:\Users\Deni\Documents\Christmas Address List 2012 COMPLETE.xlsx
2015-04-26 17:23 - 2009-11-18 18:43 - 00000000 ____D () C:\Users\Deni\Documents\RECIPES
2015-04-25 11:33 - 2014-04-23 14:05 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-25 11:33 - 2014-01-07 12:25 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-25 11:33 - 2013-03-04 10:37 - 00209048 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-25 11:33 - 2013-03-04 10:37 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-25 11:33 - 2012-02-24 01:42 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-25 11:33 - 2012-01-19 08:30 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-25 11:33 - 2012-01-19 08:29 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-25 11:32 - 2012-02-24 01:42 - 00026096 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-04-25 11:32 - 2012-01-19 08:29 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-24 16:19 - 2015-04-08 11:41 - 00000000 ____D () C:\Users\Deni\AppData\Local\CrashDumps
2015-04-24 13:11 - 2010-09-27 12:04 - 00000000 ____D () C:\Users\Deni\AppData\Roaming\Skype

==================== Files in the root of some directories =======

2009-11-19 11:07 - 2009-11-19 11:07 - 0004632 _____ () C:\Program Files\0x0409.ini
2009-11-19 11:07 - 2009-11-19 11:07 - 0740864 _____ () C:\Program Files\1033.MST
2005-12-14 16:54 - 2001-03-15 09:58 - 1013507 _____ () C:\Program Files\ComedyCardStudioManual.pdf
2005-12-14 16:54 - 2003-03-31 23:13 - 0028125 ____N () C:\Program Files\Eula.txt
2009-11-19 11:07 - 2009-11-19 11:07 - 45639680 _____ () C:\Program Files\iPod for Windows 2006-06-28.msi
2009-01-09 23:52 - 2009-01-09 23:59 - 0000134 _____ () C:\Program Files\libmp3lame-win-3.98.2.zip
2002-01-26 01:36 - 2002-01-26 01:35 - 0002407 _____ () C:\Program Files\message3.txt
2005-12-14 16:54 - 2001-03-15 09:10 - 0011744 _____ () C:\Program Files\Original Copy of Eula.txt
2005-12-14 16:54 - 2001-03-16 11:17 - 0009493 _____ () C:\Program Files\Original Copy of readme.txt
2005-12-14 16:54 - 2003-03-31 23:12 - 0025178 ____N () C:\Program Files\readme.txt
2009-08-19 13:59 - 2009-08-19 13:59 - 0010066 _____ () C:\Program Files\taylormade rescue hybrid.jpg
2005-10-08 18:23 - 2005-10-08 18:23 - 0024406 _____ () C:\Program Files\Untitled.jpg
2010-04-21 12:32 - 2010-04-21 12:32 - 0000025 _____ () C:\Users\Deni\AppData\Roaming\bdfvconp.ini
2014-05-07 16:13 - 2014-05-07 16:13 - 0000035 _____ () C:\Users\Deni\AppData\Roaming\mbam.context.scan
2011-04-27 12:59 - 2011-04-27 13:13 - 0000077 _____ () C:\Users\Deni\AppData\Roaming\Rim.Desktop.Exception.log
2011-04-27 11:44 - 2011-04-27 11:44 - 0001147 _____ () C:\Users\Deni\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-05-12 18:47 - 2015-05-12 18:47 - 0000064 _____ () C:\Users\Deni\AppData\Local\9aff5a1a12d9faf30fb9a5b935a39c40
2014-07-25 12:46 - 2014-08-14 18:48 - 0159672 _____ () C:\Users\Deni\AppData\Local\ars.cache
2014-07-25 12:46 - 2014-08-14 18:48 - 0351087 _____ () C:\Users\Deni\AppData\Local\census.cache
2011-04-27 13:00 - 2011-04-27 13:00 - 0014848 _____ () C:\Users\Deni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2007-03-28 16:29 - 2007-03-28 16:29 - 0000127 _____ () C:\Users\Deni\AppData\Local\fusioncache.dat
2014-07-25 12:23 - 2014-07-25 12:23 - 0000036 _____ () C:\Users\Deni\AppData\Local\housecall.guid.cache
2012-03-27 14:40 - 2012-03-27 14:40 - 0000017 _____ () C:\Users\Deni\AppData\Local\resmon.resmoncfg
2014-07-25 12:37 - 2014-08-14 18:43 - 0000010 _____ () C:\Users\Deni\AppData\Local\sponge.last.runtime.cache
2011-07-23 16:36 - 2011-07-23 16:36 - 0000000 _____ () C:\Users\Deni\AppData\Local\{179C5815-782C-4F8F-88E5-D079AB43B531}
2010-09-27 12:05 - 2010-09-27 12:05 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-01-19 13:41 - 2009-01-19 13:41 - 0039705 _____ () C:\ProgramData\hprealign_log.txt
2009-11-18 12:20 - 2014-08-13 13:41 - 0063160 _____ () C:\ProgramData\hpzinstall.log
2009-11-18 12:20 - 2009-11-18 12:35 - 0001135 _____ () C:\ProgramData\Original Copy of hpzinstall.log
2014-11-24 16:35 - 2014-11-24 16:35 - 0000000 _____ () C:\ProgramData\PKP_DLec.DAT

Files to move or delete:
====================
C:\Users\Deni\SysInfo.exe

Some content of TEMP:
====================
C:\Users\Deni\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Deni\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzx06um.dll
C:\Users\Deni\AppData\Local\Temp\GLB1A2B.EXE
C:\Users\Deni\AppData\Local\Temp\HPInstaller.exe
C:\Users\Deni\AppData\Local\Temp\HPPSdr.exe
C:\Users\Deni\AppData\Local\Temp\install.exe
C:\Users\Deni\AppData\Local\Temp\lowproc.exe
C:\Users\Deni\AppData\Local\Temp\Quarantine.exe
C:\Users\Deni\AppData\Local\Temp\SonosUpgrader.exe
C:\Users\Deni\AppData\Local\Temp\sqlite3.dll
C:\Users\Deni\AppData\Local\Temp\stubhelper.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-12 23:48

==================== End Of Log ============================


----------



## migolfergirl (Oct 17, 2006)

For some reason I can't find the additional.txt log.... Maybe it didn't run??


----------



## migolfergirl (Oct 17, 2006)

I RERAN IT:

Users shortcut scan result (x86) Version: 13-05-2015 01
Ran by Deni at 2015-05-13 18:50:57
Running from C:\Users\Deni\Desktop
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk -> C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\SC_Reader.ico (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk -> C:\Program Files\Dell Inc\Dell Edoc Viewer\EDocs.exe (Dell Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk -> C:\Program Files\HP\Digital Imaging\DocProc\regipe.exe (I.R.I.S. Image Recognition Integarted Systems)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Greetings 2000.lnk -> C:\Program Files\Microsoft Home Publishing 2000\HPUB.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk -> C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picture It!.lnk -> C:\Program Files\Microsoft Picture It!\picture.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerDVD DX.lnk -> C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk -> C:\Program Files\Windows Live\Mail\wlmail.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vanBasco's Karaoke Player\Uninstall vanBasco's Karaoke Player.lnk -> C:\Program Files\vanBasco's Karaoke Player\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vanBasco's Karaoke Player\vanBasco's Karaoke Player Help.lnk -> C:\Program Files\vanBasco's Karaoke Player\vmidi_en.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vanBasco's Karaoke Player\vanBasco's Karaoke Player.lnk -> C:\Program Files\vanBasco's Karaoke Player\vmidi.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk -> C:\Windows\Installer\{5264E937-B015-11D2-8C0E-00C04FBBCFF9}\A12970B7.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos\Sonos.lnk -> C:\Program Files\Sonos\Sonos.exe (Sonos, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE\Home.lnk -> C:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Converter.lnk -> C:\Program Files\Real\RealPlayer\realconverter.exe (RealNetworks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Downloader.lnk -> C:\Windows\Installer\{6FCD4D5A-20B9-4D79-ABA5-4E7048944025}\recordingmanager.exe (RealNetworks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Trimmer.lnk -> C:\Program Files\Real\RealPlayer\realtrimmer.exe (RealNetworks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\About QuickTime.lnk -> C:\Windows\Installer\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}\RichText.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}\QTPlayer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PictureProject In Touch Downloader\Uninstall.lnk -> C:\Program Files\PictureProject In Touch Downloader\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PictureProject\PictureProject Help.lnk -> C:\Program Files\Nikon\PictureProject\PictureProject.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PictureProject\PictureProject.lnk -> C:\Program Files\Nikon\PictureProject\NkbPProj.exe (Nikon Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panasonic\PHOTOfunSTUDIO 5.0\Manual.lnk -> C:\Program Files\Panasonic\PHOTOfunSTUDIO 5.0\Manual\manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panasonic\PHOTOfunSTUDIO 5.0\PHOTOfunSTUDIO 5.0.lnk -> C:\Program Files\Panasonic\PHOTOfunSTUDIO 5.0\PHOTOfunSTUDIO.exe (Panasonic Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panasonic\PHOTOfunSTUDIO 5.0\Readme.lnk -> C:\Program Files\Panasonic\PHOTOfunSTUDIO 5.0\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panasonic\Lumix\FH20_FH3_FH1\FH20_FH3_FH1 Operating Instructions.lnk -> C:\Program Files\Panasonic\Lumix\FH20_FH3_FH1\guideENG.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OverDrive Media Console\OverDrive Media Console.lnk -> C:\Windows\Installer\{D4AFC7AD-F637-4EDD-BC76-767E4AF78CE1}\_4ae13d6c.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Address Book.lnk -> C:\Program Files\Windows Mail\wab.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Calendar.lnk -> C:\Windows\Installer\{5264E937-B015-11D2-8C0E-00C04FBBCFF9}\A12970B7.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Access 2007.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Publisher 2007.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Digital Certificate for VBA Projects.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Language Settings.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Diagnostics.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam\Microsoft LifeCam Help.lnk -> C:\Program Files\Microsoft LifeCam\MSWebCam.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam\Microsoft LifeCam.lnk -> C:\Program Files\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Digital Image Suite 2006\Microsoft Digital Image Suite 2006 Editor.lnk -> C:\Program Files\Microsoft Digital Image 2006\pi.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Digital Image Suite 2006\Microsoft Digital Image Suite 2006 Library.lnk -> C:\Program Files\Microsoft Digital Image 2006\Pod.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Clip Gallery\Microsoft Clip Gallery.lnk -> C:\Windows\Installer\{5264E937-B015-11D2-8C0E-00C04FBBCFF9}\cagicon.76D90421_D2BE_11D2_99FF_0060B0EC3D2E.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk -> C:\Program Files\Malwarebytes Anti-Malware\unins001.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Livescribe\Livescribe Helper.lnk -> C:\Program Files\Livescribe\LivescribeHelper\Livescribe Helper.exe (Livescribe)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\About iTunes.lnk -> C:\Program Files\iTunes\iTunes.Resources\en.lproj\About iTunes.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPod\iPod Updater 2006-06-28\iPod Features Guide.lnk -> C:\Program Files\iPod\iPod Updater 2006-06-28\iPod Features Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPod\iPod Updater 2006-06-28\iPod Help.lnk -> C:\Program Files\iPod\iPod Updater 2006-06-28\iPod Help.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPod\iPod Updater 2006-06-28\iPod nano Features Guide.lnk -> C:\Program Files\iPod\iPod Updater 2006-06-28\iPod nano Features Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPod\iPod Updater 2006-06-28\iPod Updater 2006-06-28.lnk -> C:\Program Files\iPod\iPod Updater 2006-06-28\iPod Updater 2006-06-28.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPod\iPod Updater 2006-06-28\README.lnk -> C:\Program Files\iPod\iPod Updater 2006-06-28\Readme.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IntelliMover\File Transfer Utility.lnk -> C:\Program Files\IntelliMover\FileTransferUtility.exe (Detto Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IntelliMover\Help.lnk -> C:\Program Files\IntelliMover\MIGRATION.HLP ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IntelliMover\IntelliMover.lnk -> C:\Program Files\IntelliMover\launcher.exe (Detto Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IntelliMover\User's Manual.lnk -> C:\Program Files\IntelliMover\UsersManual.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk -> C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Solution Center.lnk -> C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Update.lnk -> C:\Program Files\HP\HP Software Update\hpwucli.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Shop for HP Supplies.lnk -> C:\Program Files\HP\HPSSUPPLY\hpqSSupply.exe (Hewlett-Packard Development Company L.P.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C8100 series\Help.lnk -> C:\Program Files\HP\Digital Imaging\help\aio38.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C8100 series\Product Support Website.lnk -> C:\Program Files\HP\Digital Imaging\hp photosmart C8100 series\help\HP Product Support Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C8100 series\Readme.lnk -> C:\Program Files\HP\Digital Imaging\help\PS_AIO_02_readme\readme.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Smart Web Printing\HP Smart Web Printing Help.lnk -> C:\Program Files\HP\Digital Imaging\smart web printing\Help\hpsmartprint.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart Essential 3.5\HP Photosmart Essential 3.5.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe (Hewlett-Packard Development Co. L.P.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hallmark\Event Planner 2008.lnk -> C:\Windows\Installer\{747A6A10-DA58-48C2-A1F0-C15514419C8A}\SHORTCUT_EP_5D0DF1BBD82E4FB2B98E4FDE42EF7EBB.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hallmark\Event Planner 2011.lnk -> C:\Windows\Installer\{62687EAC-F27D-49AC-A0E2-3899B0459113}\NewShortcut2_7616C32C536147138DD747D4706C8E83.exe (Flexera Software, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hallmark\Hallmark Card Studio 2008 Deluxe.lnk -> C:\Windows\Installer\{747A6A10-DA58-48C2-A1F0-C15514419C8A}\NewShortcut1_90225FF268554D0EB7CA39797C7BB0AE.exe (Macrovision Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hallmark\Hallmark Card Studio 2011 Deluxe.lnk -> C:\Windows\Installer\{62687EAC-F27D-49AC-A0E2-3899B0459113}\NewShortcut1_D5E9CA4A374E4012913F362CEAB4986F.exe (Flexera Software, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Dell Backup and Recovery Manager.lnk -> C:\Windows\Installer\{731B0E4D-F4C7-450C-95B0-E1A3176B1C75}\_A29302F7FE2033133C547D.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Click'N Design 3D (V5)\Click'N Design3D (V5) Help.lnk -> C:\Program Files\Click'N Design 3D (V5)\CND3DV5.HLP ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Click'N Design 3D (V5)\Quick Start Quide.lnk -> C:\Program Files\Click'N Design 3D (V5)\Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry\BlackBerry Desktop Software.lnk -> C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe (Research In Motion)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry\Readme.lnk -> C:\Program Files\Research In Motion\BlackBerry Desktop\BlackBerry Desktop Software readme.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! EasyPass\avast! EasyPass Editor.lnk -> C:\Program Files\Siber Systems\AI RoboForm\identities.exe (Siber Systems)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! EasyPass\Generate Passwords.lnk -> C:\Program Files\Siber Systems\AI RoboForm\passwordgenerator.exe (Siber Systems)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! EasyPass\TaskBar Icon.lnk -> C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe (Siber Systems)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! EasyPass\Uninstall.lnk -> C:\Program Files\Siber Systems\AI RoboForm\rfwipeout.exe (Siber Systems)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast Internet Security.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (Avast Software s.r.o.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -> C:\Windows\System32\NetProj.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Deni\Music\Deni - Shortcut.lnk -> C:\Users\Deni ()
Shortcut: C:\Users\Deni\Links\Desktop.lnk -> C:\Users\Deni\Desktop ()
Shortcut: C:\Users\Deni\Links\Downloads.lnk -> C:\Users\Deni\Downloads ()
Shortcut: C:\Users\Deni\Links\Dropbox.lnk -> C:\Users\Deni\Dropbox ()
Shortcut: C:\Users\Deni\Documents\WDFirmwareUpdater-3\WDFirmwareUpdater-3 - Shortcut.lnk -> C:\Users\Deni\Documents\WDFirmwareUpdater-3 ()
Shortcut: C:\Users\Deni\Desktop\FH20_FH3_FH1 Operating Instructions.lnk -> C:\Program Files\Panasonic\Lumix\FH20_FH3_FH1\guideENG.pdf ()
Shortcut: C:\Users\Deni\Desktop\Guitar Practice.lnk -> C:\Users\Deni\Documents\STEVE GUITAR PRACTICE FOLDER\ppk05\index.html ()
Shortcut: C:\Users\Deni\Desktop\ITunes - Shortcut.lnk -> C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Libraries\ITunes.library-ms ()
Shortcut: C:\Users\Deni\Desktop\Kindle For PC.lnk -> C:\Users\Deni\AppData\Local\Amazon\Kindle For PC\application\KindleForPC.exe (Amazon.com)
Shortcut: C:\Users\Deni\Desktop\Microsoft Office - Shortcut (2).lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office ()
Shortcut: C:\Users\Deni\Desktop\Microsoft Office - Shortcut.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office ()
Shortcut: C:\Users\Deni\Desktop\MP900341295golf - Shortcut.lnk -> C:\Users\Deni\Downloads\MP900341295golf.jpg ()
Shortcut: C:\Users\Deni\Desktop\STEVE GUITAR PRACTICE FOLDER - Shortcut.lnk -> C:\Users\Deni\Documents\STEVE GUITAR PRACTICE FOLDER ()
Shortcut: C:\Users\Deni\Desktop\The Birthday Song - Shortcut.lnk -> C:\Users\Deni\Music\iTunes\iTunes Music\The Beatles\Unknown Album\The Birthday Song.mp3 ()
Shortcut: C:\Users\Deni\Desktop\vanBasco's Karaoke Player.lnk -> C:\Program Files\vanBasco's Karaoke Player\vmidi.exe ()
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Click'N Design 3D (V5).lnk -> C:\Program Files\Click'N Design 3D (V5)\CND3DV5.exe (Stomp)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Click'N Design3D (V5) Help.lnk -> C:\Program Files\Click'N Design 3D (V5)\CND3DV5.HLP ()
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WD Diagnostics\WD Diagnostics.lnk -> C:\Users\Deni\AppData\Roaming\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\WinDlg.exe_0AB76F69E7614CFAB9B0A1906B4E9E4B_3.exe (InstallShield Software Corp.)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe (Dropbox, Inc.)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon\Amazon Kindle For PC\Kindle For PC.lnk -> C:\Users\Deni\AppData\Local\Amazon\Kindle For PC\application\KindleForPC.exe (Amazon.com)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon\Amazon Kindle For PC\Uninstall Kindle For PC.lnk -> C:\Users\Deni\AppData\Local\Amazon\Kindle For PC\application\uninstall.exe (Amazon.com)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox.lnk -> C:\Users\Deni\Dropbox ()
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\vanBasco's Karaoke Player.lnk -> C:\Program Files\vanBasco's Karaoke Player\vmidi.exe ()
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\avast! Internet Security.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (Avast Software s.r.o.)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Hallmark Card Studio 2011.lnk -> C:\Program Files\Creative Home\Hallmark Card Studio 2011 Deluxe\HCS.exe ()
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Hallmark Card Studio 2008 Deluxe.lnk -> C:\Windows\Installer\{747A6A10-DA58-48C2-A1F0-C15514419C8A}\Shortcut_HCS_Deskt_8532F2009901410FB1EB1860E5D5FB58.exe (Macrovision Corporation)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Digital Image Suite 2006 Editor.lnk -> C:\Program Files\Microsoft Digital Image 2006\pi.exe (Microsoft Corporation)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Greetings 2000.lnk -> C:\Program Files\Microsoft Home Publishing 2000\HPUB.exe (Microsoft Corporation)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Sonos.lnk -> C:\Program Files\Sonos\Sonos.exe (Sonos, Inc.)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Guest\Links\Desktop.lnk -> C:\Users\Guest\Desktop ()
Shortcut: C:\Users\Guest\Links\Downloads.lnk -> C:\Users\Guest\Downloads ()
Shortcut: C:\Users\Guest\Desktop\vanBasco's Karaoke Player.lnk -> C:\Program Files\vanBasco's Karaoke Player\vmidi.exe ()
Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\vanBasco's Karaoke Player.lnk -> C:\Program Files\vanBasco's Karaoke Player\vmidi.exe ()
Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Acrobat Reader DC.lnk -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Avast Internet Security.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (Avast Software s.r.o.)
Shortcut: C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk -> C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe (Research In Motion)
Shortcut: C:\Users\Public\Desktop\Dell Backup and Recovery Manager.lnk -> C:\Windows\Installer\{731B0E4D-F4C7-450C-95B0-E1A3176B1C75}\_8325CD9865E9486A8A7410.exe ()
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Hallmark Card Studio 2008 Deluxe.lnk -> C:\Windows\Installer\{747A6A10-DA58-48C2-A1F0-C15514419C8A}\Shortcut_HCS_Deskt_8532F2009901410FB1EB1860E5D5FB58.exe (Macrovision Corporation)
Shortcut: C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk -> C:\Program Files\HP\Diagnostics\PSDR\HPPSDr.exe ()
Shortcut: C:\Users\Public\Desktop\HP Solution Center.lnk -> C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe (Hewlett-Packard Company)
Shortcut: C:\Users\Public\Desktop\IntelliMover.lnk -> C:\Program Files\IntelliMover\launcher.exe (Detto Technologies)
Shortcut: C:\Users\Public\Desktop\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\Microsoft Greetings 2000.lnk -> C:\Program Files\Microsoft Home Publishing 2000\HPUB.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\OverDrive Media Console.lnk -> C:\Windows\Installer\{D4AFC7AD-F637-4EDD-BC76-767E4AF78CE1}\_2cd672ae.exe ()
Shortcut: C:\Users\Public\Desktop\Picture It!.lnk -> C:\Program Files\Microsoft Picture It!\picture.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\PictureProject.lnk -> C:\Program Files\Nikon\PictureProject\NkbPProj.exe (Nikon Corporation)
Shortcut: C:\Users\Public\Desktop\QuickTime Player.lnk -> C:\Program Files\QuickTime\QuickTimePlayer.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\Roxio Creator Home.lnk -> C:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe ()
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe ()
Shortcut: C:\Users\Public\Desktop\Sonos.lnk -> C:\Program Files\Sonos\Sonos.exe (Sonos, Inc.)

ShortcutWithArgument: C:\Users\Deni\AppData\Roaming\Real\RealPlayer\History\RealPlayer Daily Videos.lnk -> C:\Program Files\Real\RealPlayer\realplay.exe (RealNetworks, Inc.) -> hxxp://videos.real.com/rp/web_videos?cd=home&CB=client&firstrun=1&PT=FREE&OS=WinNT%206.1.7601&LP=en%2DUS&OC=R90R38&PV=17.0.15.10&PBR=10485800&LI=en&PN=RealPlayer&DC=R90R38&DT=041214&u=fa20c6da6eaa475f95e5b601a71a13c6#channel/BestOfWeb

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE\Projects\Audio.lnk -> C:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe () -> /Launch Audio
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE\Projects\Copy.lnk -> C:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe () -> /Launch Copy
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE\Projects\Data.lnk -> C:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe () -> /Launch Data
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE\Projects\Tools.lnk -> C:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe () -> /Launch Tools
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Cloud.lnk -> C:\Program Files\Real\RealPlayer\realplay.exe (RealNetworks, Inc.) -> /launch:start_menu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Uninstall QuickTime.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /i {3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E} /qf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PictureProject\PictureProject ReadMe.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) -> "C:\Program Files\Nikon\PictureProject\Readme.wri"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PictureProject\PictureProject Uninstall.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}\Setup.exe" -l0x9 UNINSTALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Digital Image Suite 2006\Microsoft Photo Story 3.1.lnk -> C:\Program Files\Microsoft Digital Image 2006\Pod.exe (Microsoft Corporation) -> -LPS
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C8100 series\Add A Device.lnk -> C:\Program Files\HP\Digital Imaging\{988329F4-A1A1-4D51-803C-EF2725A97627}\hpzstub.exe (Hewlett-Packard) -> -addadevice -connectiontypes usb,wired,wireless
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C8100 series\Product Registration.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe (Hewlett-Packard Company) -> "HP Photosmart C8100 series"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C8100 series\Uninstall.lnk -> C:\Program Files\HP\Digital Imaging\{988329F4-A1A1-4D51-803C-EF2725A97627}\setup\hpzscr01.exe (Hewlett-Packard) -> -datfile hposcr21.dat -onestop
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart Essential 3.5\Uninstall HP Photosmart Essential 3.5.lnk -> C:\Program Files\HP\Digital Imaging\photosmartessential\hpzscr01.exe (Hewlett-Packard) -> -datfile hpqbud13.dat
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Uninstall Google Earth Plug-in.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E} FEEDBACK=1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Click'N Design 3D (V5)\Click'N Design 3D (V5).lnk -> C:\Program Files\Click'N Design 3D (V5)\UNWISE.EXE () -> /W5 "C:\Program Files\Click'N Design 3D (V5)\INSTALL.LOG"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! EasyPass\Search Box.lnk -> C:\Program Files\Siber Systems\AI RoboForm\identities.exe (Siber Systems) -> -sb
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! EasyPass\Search Files.lnk -> C:\Program Files\Siber Systems\AI RoboForm\identities.exe (Siber Systems) -> -s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast SafeZone.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (Avast Software s.r.o.) -> /sfzonebrowser
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Deni\Desktop\Click'N Design 3D (V5).lnk -> C:\Program Files\Click'N Design 3D (V5)\UNWISE.EXE () -> /W6 "C:\Program Files\Click'N Design 3D (V5)\INSTALL.LOG"
ShortcutWithArgument: C:\Users\Deni\Desktop\Dropbox.lnk -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WD Diagnostics\Uninstall.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
ShortcutWithArgument: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /systemstartup
ShortcutWithArgument: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff
ShortcutWithArgument: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk -> C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation) -> /recycle
ShortcutWithArgument: C:\Users\Deni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\Guest\Desktop\Click'N Design 3D (V5).lnk -> C:\Program Files\Click'N Design 3D (V5)\UNWISE.EXE () -> /W6 "C:\Program Files\Click'N Design 3D (V5)\INSTALL.LOG"
ShortcutWithArgument: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP\Stop HP Product Survey Program Participation.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett-Packard Co.) -> /optout
ShortcutWithArgument: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff
ShortcutWithArgument: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Guest\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\Public\Desktop\Avast SafeZone.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (Avast Software s.r.o.) -> /sfzonebrowser
ShortcutWithArgument: C:\Users\Public\Desktop\RealPlayer Cloud.lnk -> C:\Program Files\Real\RealPlayer\realplay.exe (RealNetworks, Inc.) -> /launch:desktop

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro on the Web.url -> hxxp://www.revouninstallerpro.com/
InternetURL: C:\Users\Deni\Favorites\2010 Belmont SIFE Ethics Essay Contest.url -> hxxp://belmontethicsessay.com/Belmont_Ethics_Essay/Ethics_Launch.html
InternetURL: C:\Users\Deni\Favorites\701-920-9636 - 7019209636 1-2.url -> hxxp://800notes.com/Phone.aspx/1-701-920-9636
InternetURL: C:\Users\Deni\Favorites\Adi Designs 4-inch Brim Roll Visor w- Velcro Overstock.com.url -> hxxp://www.overstock.com/Clothing-Shoes/Adi-Designs-4-inch-Brim-Roll-Visor-w-Velcro/3065375/product.html
InternetURL: C:\Users\Deni\Favorites\Advanced Beauty Products, Facts About Plastic Surgery - NewBeauty.com.url -> hxxp://www.newbeauty.com/
InternetURL: C:\Users\Deni\Favorites\Al's Ski Equipment Barn - '07 K2 T9 One Luv Women's Skis w-Marker M1 11.0 TC.url -> hxxp://www.untracked.com/p1303c18b37lr-Froogle-07_k2_t9_one_luv_womens_skis_w_marker_m1_110_tc.html
InternetURL: C:\Users\Deni\Favorites\Apparel & Accessories A good time to consign Edit or augment your wardrobe at local shops NWsource.url -> hxxp://www.nwsource.com/shopping/fashion/good-time-consign-edit-or-augment-your-wardrobe-local-shops
InternetURL: C:\Users\Deni\Favorites\Basket.url -> https://www.austads.com/austads/basket.asp?s_id=0&addto=1&mscssid=U7XSR9P5WFQ48NX8UVU04SF2ECUJ9DC7
InternetURL: C:\Users\Deni\Favorites\Beadweaving Videos at Jewelry Supply.com.url -> hxxp://www.jewelrysupply.com/diy_jewelry_making_videos/beadweaving_videos.html
InternetURL: C:\Users\Deni\Favorites\beauty supply center. comPureology NANOWORKS Conditioner 8.5oz.url -> hxxp://beautysupplycenter.com/28788.html
InternetURL: C:\Users\Deni\Favorites\Before and After Heaton Dainard Real Estate, LLC.url -> hxxp://www.heatondainard.com/before-and-after
InternetURL: C:\Users\Deni\Favorites\Best Cruises for Golf - Cruises - Cruise Critic.url -> hxxp://www.cruisecritic.com/articles.cfm?ID=199
InternetURL: C:\Users\Deni\Favorites\Best Luxury Ships - Cruises - Cruise Critic.url -> hxxp://www.cruisecritic.com/articles.cfm?ID=5
InternetURL: C:\Users\Deni\Favorites\Big Dividend Stock List.url -> hxxp://www.dividenddetective.com/big_dividend_list.htm
InternetURL: C:\Users\Deni\Favorites\Box LampsPlus.com.url -> hxxp://www.lampsplus.com/Products/s_box/page_1/
InternetURL: C:\Users\Deni\Favorites\Brown Faux Leather Large Lidded Box.url -> hxxp://www.holdnstorage.com/brown_faux_leather_large_lidded_box-ri_97193.htm
InternetURL: C:\Users\Deni\Favorites\Card Shop MikWright.url -> hxxp://www.mikwright.com/card-shop/
InternetURL: C:\Users\Deni\Favorites\Closet Accessories - ClearSystemsOnline.com.url -> hxxp://www.clearsystemsonline.com/index.php?osCsid=c7542e17b710f1dd32e34d75521608e4
InternetURL: C:\Users\Deni\Favorites\ColorTration liquid cover makeup and concealer out performs any cover cream..url -> hxxp://www.colortration.com/
InternetURL: C:\Users\Deni\Favorites\Decorations & Ornaments.url -> hxxp://christmastraditions.com/Themes/StPats/StPatMer.htm
InternetURL: C:\Users\Deni\Favorites\Decorative Boxes - Home Accents - Touch Of Class.url -> hxxp://www.touchofclass.com/category/home+accents/decorative+boxes.do?sortby=ourPicks&page=5
InternetURL: C:\Users\Deni\Favorites\Decorative Boxes, Canisters, Containers Bronson Design Studio.url -> hxxp://www.bronsondesign.com/Merchant2/merchant.mvc?
InternetURL: C:\Users\Deni\Favorites\Delta Travel Destinations, Maps, and Vacation Getaway Ideas.url -> hxxp://www.delta.com/planning_reservations/plan_flight/destinations/index.jsp
InternetURL: C:\Users\Deni\Favorites\detailsdirect.com clothing.url -> hxxp://www.detailsdirect.com/magento/tops/isda-co.html
InternetURL: C:\Users\Deni\Favorites\DrawerDecor - Customizable Drawer Organizer.url -> hxxp://www.drawerdecor.com/index.html
InternetURL: C:\Users\Deni\Favorites\EasyClosets.com - Accessories.url -> hxxp://www.easyclosets.com/accessories.aspx
InternetURL: C:\Users\Deni\Favorites\Fill A Seat - Member Area.url -> hxxp://www.fillaseatseattle.com/account/myaccount.php
InternetURL: C:\Users\Deni\Favorites\Five Great Things You Can Do With Text Messaging For Free Get Free 411 Directory Assistance By Text Message (SMS).url -> hxxp://cellphones.about.com/od/phoneownerscorner/ss/sbs-text-tricks_3.htm
InternetURL: C:\Users\Deni\Favorites\Free 411 Putting Google and Microsoft to the Test - PC World.url -> hxxp://www.pcworld.com/article/138798/free_411_putting_google_and_microsoft_to_the_test.html
InternetURL: C:\Users\Deni\Favorites\Free Guitar Lessons.url -> hxxp://www.fuzzymonkeytabs.com/
InternetURL: C:\Users\Deni\Favorites\Funny card pictures.url -> hxxp://www.lastminutecardkit.com/KitForHim.html
InternetURL: C:\Users\Deni\Favorites\Great Plant Picks.url -> hxxp://www.greatplantpicks.org/search.php
InternetURL: C:\Users\Deni\Favorites\Home & garden At furniture consignment shops, what's old is new -- and affordable NWsource.url -> hxxp://www.nwsource.com/shopping/home/home-garden/furniture-consignment-shops-whats-old-new-and-affordable
InternetURL: C:\Users\Deni\Favorites\Home Decor - Uttermost Jamil Traditional Box - UM-20721.url -> hxxp://www.arcadianlighting.com/um-20721.html
InternetURL: C:\Users\Deni\Favorites\HP Instant Care.url -> hxxp://h20364.www2.hp.com/CSMWeb/customer/ChatUser.aspx?User=Deni%20Sutherland&caseID=4856875&callfrom=null&region=NA&country=US:US&origin=acc
InternetURL: C:\Users\Deni\Favorites\http--www.greatgardenplants.com-index.phpfa=PAGE.view&pageId=723.url -> hxxp://www.greatgardenplants.com/index.php?fa=PAGE.view&pageId=723
InternetURL: C:\Users\Deni\Favorites\http--www.vacationrentals.com-.url -> hxxp://www.vacationrentals.com/
InternetURL: C:\Users\Deni\Favorites\IMAX Milanese Woven Leather Round Box - 24094.url -> hxxp://www.accent-furniture-direct.com/IMAX-24094-IMX1538.html
InternetURL: C:\Users\Deni\Favorites\Intervention for Alcoholism and Other Addictions.url -> hxxp://www.bma-wellness.com/papers/Intervention.html
InternetURL: C:\Users\Deni\Favorites\Join Our Weight Loss Community at KimBensen.com Kim Bensen.url -> hxxp://kimbensen.com/membership
InternetURL: C:\Users\Deni\Favorites\Karen Kane Cece Skinny Jean - Belk.com.url -> hxxp://www.belk.com/AST/Main/Belk_Primary/Women/Shop/Jeans/ShopByLegStyle/Straight_Leg/PRD~1800556L57072/Karen+Kane+Cece+Skinny+Jean.jsp?off=0
InternetURL: C:\Users\Deni\Favorites\Kicking Cancer's *** Greeting Card from Zazzle.com.url -> hxxp://www.zazzle.com/kicking_cancers_***_card-137761710581642106
InternetURL: C:\Users\Deni\Favorites\Maddon Inc. Contact Mr. Gilles Blais Free Company Directory info, tel, Address, Contact, (Co Ltd-Part-Inc-Mr.-Miss)..url -> hxxp://companyonfree.com/company_coltd.php?company_id=c389561&Maddon-Inc.
InternetURL: C:\Users\Deni\Favorites\Makaha vacation condo rental Ultimate Affordable Condo for a great summer on the Beach.url -> hxxp://www.homeaway.com/vacation-rental/p147656
InternetURL: C:\Users\Deni\Favorites\Maui Golf Course Discounts and Tee Times Create Your Own Maui Golf Vacation Package.url -> hxxp://www.hawaiigolfdeals.com/maui.html
InternetURL: C:\Users\Deni\Favorites\Medical Sales Recruiter - Tips & Quips.url -> hxxp://www.phcconsulting.com/WordPress/
InternetURL: C:\Users\Deni\Favorites\Mega Tek Hair Growth.url -> hxxp://www.valleyvet.com/ct_detail.html?pgguid=30e07c61-7b6a-11d5-a192-00b0d0204ae5
InternetURL: C:\Users\Deni\Favorites\Microsoft Picture It! Home Page.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=pictureit&ar=home&plcid=0x0409
InternetURL: C:\Users\Deni\Favorites\Modems Signal.url -> hxxp://192.168.100.1/signal.html
InternetURL: C:\Users\Deni\Favorites\MSN.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.0&ar=IStart
InternetURL: C:\Users\Deni\Favorites\nwsource Guides to the best Seattle stores, boutiques and shopping.url -> hxxp://www.nwsource.com/shopping/guides/localbargains_040804.html
InternetURL: C:\Users\Deni\Favorites\nwsource.com Seattle cheap chic boutiques -- where to shop for cute designer clothes at bargain prices.url -> hxxp://www.nwsource.com/shopping/guides/cheapchic_070805.html
InternetURL: C:\Users\Deni\Favorites\o2gearshop.com.url -> hxxp://www.o2gearshop.com/catalog/product_info.php?cPath=2&language=en&currency=USD&products_id=8474
InternetURL: C:\Users\Deni\Favorites\Ojai Valley Inn & Spa (Ojai, California) - Bed & Breakfast.url -> hxxp://www.perfectescapes.com/Luxury_Hotel_Deals-PID168-OID879-Ojai_California-Ojai_Valley_Inn_and_Spa.html
InternetURL: C:\Users\Deni\Favorites\OnWineTime.com - Rancilio Silvia V3 Semi-Automatic Espresso Machine..url -> hxxp://www.onwinetime.com/ProductDetails.asp?ProductCode=SILVIA%20V3&cvsfa=2298&cvsfe=2&cvsfhu=53494c564941205633
InternetURL: C:\Users\Deni\Favorites\other text title on bags-and-shoes.net.url -> hxxp://bags-and-shoes.net/about_us.php
InternetURL: C:\Users\Deni\Favorites\Parcel Viewer Main Help.url -> hxxp://www.kingcounty.gov/operations/GIS/PropResearch/ParcelViewer/PV_help.aspx
InternetURL: C:\Users\Deni\Favorites\PHS Gold Medal Plant Award Program.url -> hxxp://www.goldmedalplants.org/gmpwinners.aspx
InternetURL: C:\Users\Deni\Favorites\Prescription drugs, Generic medicines, online indian Pharmacy.url -> hxxp://www.alldaychemist.com/
InternetURL: C:\Users\Deni\Favorites\Pureology Shampoo & Conditioner Hair Care Products.url -> hxxp://www.salonsavings.com/pureology/
InternetURL: C:\Users\Deni\Favorites\Radio Station Guide.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=windows&sbp=mediaplayer&plcid=&pver=6.1&os=&over=&olcid=&clcid=&ar=Media&sba=RadioBar&o1=&o2=&o3=
InternetURL: C:\Users\Deni\Favorites\Rancilio Silvia V3 Espresso Machine New 2009 Upgrade JL Hufford.url -> hxxp://www.jlhufford.com/ProductDetails.asp?ProductCode=rancilio-silvia-v3&gclid=CNLM6eaGhKECFRFcbQodD1xAiw
InternetURL: C:\Users\Deni\Favorites\Rhapsody Candles Catalog.url -> hxxp://www.rhapsodycandles.com/catalog/Breathe-Easy-Lustre/175/0/product_cat/index.html
InternetURL: C:\Users\Deni\Favorites\Shape Anatomy - MyShape.url -> https://www.myshape.com/shop/shape-anatomy/shape-s
InternetURL: C:\Users\Deni\Favorites\Shipping & Returns LeatherCult.com, Leather Jeans Jackets Suits.url -> hxxp://www.leathercult.com/index.php?main_page=shippinginfo
InternetURL: C:\Users\Deni\Favorites\shopbop.com.url -> hxxp://www.shopbop.com/ci/3/lp/my-shopbop.html
InternetURL: C:\Users\Deni\Favorites\Shopping A few more furniture consignment shops to consider NWsource.url -> hxxp://www.nwsource.com/shopping/blog/few-more-furniture-consignment-shops-consider?utm_source=twitterfeed&utm_medium=twitter
InternetURL: C:\Users\Deni\Favorites\Slate Mosiac Stone Little Box 19184.url -> hxxp://www.google.com/products/catalog?q=slate+box&rls=com.microsoft:en-us:IE-SearchBox&oe=UTF-8&sourceid=ie7&rlz=1I7ADSA_en&um=1&ie=UTF-8&cid=13605013616572457430&ei=yrKnS4-0H4-gswPooM3ZAw&sa=X&oi=product_catalog_result&ct=result&resnum=11&ved=0CCcQ8wIwCg
InternetURL: C:\Users\Deni\Favorites\Stack 'emâ„¢ Wood Jewelry Organizer for Rings and Earrings - Axis 2701.url -> hxxp://www.axisorganizers.com/product-p/2701.htm
InternetURL: C:\Users\Deni\Favorites\Stop, You're Killing Me!.url -> hxxp://www.stopyourekillingme.com/index.html
InternetURL: C:\Users\Deni\Favorites\Taylor Made Burner High Launch Fairway Wood 5 Wood 18 Degree Used Golf Club at GlobalGolf.com.url -> hxxp://www.globalgolf.com/product/golfclub/-/pid--1014235/fairway-wood/taylor-made/burner-high-launch.aspx?gd=3&sft=2&flx=4
InternetURL: C:\Users\Deni\Favorites\The Espresso Shot brought to you by Chris Hardin.url -> hxxp://www.theespressoshot.com/
InternetURL: C:\Users\Deni\Favorites\The Top Five Caribbean Cruise Lines.url -> hxxp://www.luxist.com/2010/01/21/the-top-five-caribbean-cruises/
InternetURL: C:\Users\Deni\Favorites\The Way the Cookie Crumbles » Blog Archive » caesar salad.url -> hxxp://www.crumblycookie.net/2011/03/24/caesar-salad-2/
InternetURL: C:\Users\Deni\Favorites\Top Dividend Stocks for 2010.url -> hxxp://caps.fool.com/Blogs/ViewPost.aspx?bpid=363873&t=01002863924178546020
InternetURL: C:\Users\Deni\Favorites\Treasury Of Health Secrets.url -> hxxp://www.bottomlinesecrets.com/store/mags/order_ths_mag_h.html?am=1&l=3&sk=342576&sid=N052410E8B&ac=pharmcardbp
InternetURL: C:\Users\Deni\Favorites\Ulka Pump Repair.url -> hxxp://ulkapumprepair.blogspot.com/
InternetURL: C:\Users\Deni\Favorites\Unscented Decorative Pillars- BarnLoftCandles.com.url -> hxxp://www.barnloftcandles.com/cgi-bin/BarnLoftCandles/BarnLoftCandles.cgi?action=enter&thispage=deco_pillars.html&ORDER_ID=!ORDERID!
InternetURL: C:\Users\Deni\Favorites\Web Events.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=windows&sbp=mediaplayer&plcid=&pver=5.2&os=&over=&olcid=&clcid=&ar=Media&sba=Showcase&o1=&o2=&o3=
InternetURL: C:\Users\Deni\Favorites\Welcome to Bead Factory.url -> hxxp://www.beadsfactory.com/products/?sfID1=20&sfID2=249&productID=1243
InternetURL: C:\Users\Deni\Favorites\Women's faux fur coats and jackets Fabulous-Furs.url -> hxxp://fabulousfurs.com/womens/c/200/ipp/5000/action/showall/
InternetURL: C:\Users\Deni\Favorites\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\Deni\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\Deni\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\Deni\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\AA2G serum - Skin Care Talk Community.url -> hxxp://www.skincaretalk.com/a/aa2g-serum
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\Airless Bottles.url -> hxxp://www.cprsale.com/index.php/category/airless-bottles/page_1/
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\Airless Dispenser Mini - Black & White.url -> hxxp://www.newdirectionsaromatics.ca/airless-dispenser-mini-bottles-black-white-p-1554.html
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\Anti-aging Vitamin C Serum - YouTube.url -> hxxp://www.youtube.com/watch?v=gSWg2piAoOs
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\Ascorbic Acid vs. Ascorbyl Palmitate (2008) Melbourne Dermatology Skin Care.url -> hxxp://www.treatment-skincare.com/Ascorbic-Acid/Acid-vs-Palmitate.html
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\Ascorbyl Palmitate (Vitamin C Ester).url -> hxxp://www.essentialwholesale.com/s.nl/sc.9/category.132186/.f
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\Batch Size Calculator.url -> hxxp://skinessentialactives.blogspot.com/p/batch-size-calculator-percentage.html
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\bulkactives skin actives and ingredients for DIY skin care.url -> hxxp://www.bulkactives.com/
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\BUTYLENE GLYCOL Skin Deep® Cosmetics Database Environmental Working Group.url -> hxxp://www.ewg.org/skindeep/ingredient.php?ingred06=700861
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\ClarityRx Expert's Message Board!.url -> hxxp://messageboard.clarityclinicalskincare.com/2010/06/23/welcome-to-our-clarityrx-experts-message-board-2.aspx
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\DIY CEF Vitamin C Skin Serum for Beginners - YouTube.url -> hxxp://www.youtube.com/watch?v=cwwdk9scG64&feature=related
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\DIY cosmetics llc INGREDIENTS.url -> hxxp://www.diycosmetics.com/naturajel/
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\DIY recipes.url -> hxxp://www.makeupalley.com/account/sn.asp?username=DuchessofGrapes&
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\DIY Skin Care SEA Lab SEA Lab.url -> hxxp://skinessentialactives.blogspot.com/2011/12/sea-lab.html
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\DIY Skin Care SEA Lab Solubility Chart.url -> hxxp://skinessentialactives.blogspot.com/p/solubility-chart.html
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\DIY Skin Care SEA Lab.url -> hxxp://skinessentialactives.blogspot.co.uk/search?updated-min=2012-01-01T00:00:00-08:00&updated-max=2013-01-01T00:00:00-08:00&max-results=2
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\DIY Vitamin C Tutorial You've Got Nail.url -> hxxp://www.youvegotnail.com/?p=3395
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\Glass & Plastic Bottles Glass Jars Sunburst Bottle.url -> hxxp://www.sunburstbottle.com/
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\http--www.specialtybottle.com-index.aspx.url -> hxxp://www.specialtybottle.com/index.aspx
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\Hyaluronic Acid bulk.url -> hxxp://synovialabs2.com/Moisturizers_c4.htm
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\Hyaluronic Acid SLMW - Lotioncrafter LLC.url -> hxxp://www.lotioncrafter.com/hyaluronic-acid-slmw.html
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\Indie Beauty Business Community - Enjoy Your Life! Build Your Business! Have Your Way!.url -> hxxp://indiebeauty.com/
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\Indie Beauty Business Community -!.url -> hxxp://indiebeauty.com/
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\Jan Marini C-ESTA Serum vs. Skinceuticals C E Ferulic Melbourne Dermatology Skin Care.url -> hxxp://www.treatment-skincare.com/Jan-Marini/C-ESTA/C-ESTA-vs-CE-Ferulic.html
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\Liposuction West Palm Beach Botox Wellington Laser Hair Removal Juvederm Restylane Lake Worth.url -> hxxp://www.epilution.com/
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\MAKING COSMETICS.com.url -> hxxp://www.makingcosmetics.com/aboutus-4.html
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\MAKING YOUR OWN VITAMIN C SERUMS - the whole Truth.url -> hxxp://www.skincaretalk.com/t/34460/making-your-own-vitamin-c-serums-the-whole-truth
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\My first lactic acid peel.url -> hxxp://www.skincaretalk.com/t/34269/my-first-lactic-acid-peel
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\Potent C+E+FE - Rajani MD RX Prescription Grade Skin Care.url -> hxxp://rajanimd.com/skin-care-products/pc/Potent-C+E+FE-Serum-11p2.htm
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\PRESERVATIVE phenoxyethanol.url -> hxxp://barefacedtruth.com/2011/12/06/toxicity-and-sensitivity-risks-of-common-skin-care-preservatives/
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\ReCverin LLC.url -> hxxp://stores.recverin.com/StoreFront.bok
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\Revitalize your skin and restore its youthful look with AnteAGE System - My Store.url -> hxxp://cellese.com/store/product/anteage-serum-and-accelerator-system/
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\SEAKiNia Anti- Aging cream.url -> hxxp://stores.homestead.com/hstrial-SkinEssential/-strse-45/SEAKiNia-Anti-dsh--Aging-cream/Detail.bok
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\skin care talk.url -> hxxp://www.skincaretalk.com/t/28921/dissolving-ferulic
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\Supplier Resource List.url -> hxxp://www.skincaretalk.com/t/8915/supplier-resource-list
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\The Oil Cleansing Method - A simple, cleansing facial massage for clear skin!.url -> hxxp://www.theoilcleansingmethod.com/
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\thicker Vit C serum.url -> hxxp://www.skincaretalk.com/t/34397/so-happy
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\Ultimate Facial Serum.url -> hxxp://www.essentialwholesale.com/Ultimate-Facial-Serum
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\Vit C Ferulic Serum.url -> hxxp://www.skincaretalk.com/t/34397/so-happy
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\vit c you've got nail info.url -> hxxp://www.youvegotnail.com/?p=3395
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\Vitamin C derivatives skin benefits of ascorbic acid without the downside.url -> hxxp://www.smartskincare.com/treatments/topical/vitcderiv.html
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\vitamin c ferulic acid vit e.url -> hxxp://www.nature.com/jid/journal/v125/n4/full/5603565a.html
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\Vitamin C serum Skin Care.url -> hxxp://www.natural-skin-care-info.com/vitamin-c-serum.html
InternetURL: C:\Users\Deni\Favorites\SKIN CARE\Web Store - fawnie skin care.url -> hxxp://myfawnie.webs.com/apps/webstore/products/show/2998534
InternetURL: C:\Users\Deni\Favorites\MSN Websites\MSN Autos.url -> hxxp://g.msn.com/1me10IE9ENUS/405
InternetURL: C:\Users\Deni\Favorites\MSN Websites\MSN Entertainment.url -> hxxp://g.msn.com/1me10IE9ENUS/406
InternetURL: C:\Users\Deni\Favorites\MSN Websites\MSN Money.url -> hxxp://g.msn.com/1me10IE9ENUS/408
InternetURL: C:\Users\Deni\Favorites\MSN Websites\MSN Sports.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\Deni\Favorites\MSN Websites\MSN.url -> hxxp://g.msn.com/1me10IE9ENUS/403
InternetURL: C:\Users\Deni\Favorites\MSN Websites\MSNBC News.url -> hxxp://g.msn.com/1me10IE9ENUS/404
InternetURL: C:\Users\Deni\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Deni\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Users\Deni\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://g.msn.com/1me10IE9ENUS/409
InternetURL: C:\Users\Deni\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://g.msn.com/1me10IE9ENUS/410
InternetURL: C:\Users\Deni\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://g.msn.com/1me10IE9ENUS/411
InternetURL: C:\Users\Deni\Favorites\Links for United States\GobiernoUSA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129792
InternetURL: C:\Users\Deni\Favorites\Links for United States\USA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129791
InternetURL: C:\Users\Deni\Favorites\Links\Alaska Airlines - Horizon Air.url -> hxxp://www.alaskaair.com/Default.aspx
InternetURL: C:\Users\Deni\Favorites\Links\Delta Air Lines - Airline Tickets and Airfare to Worldwide Destinations.url -> hxxp://www.delta.com/
InternetURL: C:\Users\Deni\Favorites\Links\Guitar Lessons, Guitar Backing Tracks, Guitar Tuition DVDs.url -> hxxp://www.licklibrary.com/
InternetURL: C:\Users\Deni\Favorites\Links\Hotmail - [email protected] -> hxxp://bl158w.blu158.mail.live.com/default.aspx
InternetURL: C:\Users\Deni\Favorites\Links\MSN.url -> hxxp://www.msn.com/
InternetURL: C:\Users\Deni\Favorites\Links\Pandora Radio - Listen to Free Internet Radio, Find New Music#-.url -> hxxp://www.pandora.com/#/
InternetURL: C:\Users\Deni\Favorites\Links\Sign In.url -> hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1272921169&rver=6.0.5285.0&wp=MBI&wreply=hxxp:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us
InternetURL: C:\Users\Deni\Favorites\Links\Suggested Sites.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Deni\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Deni\Favorites\Links\Welcome to Facebook! Facebook.url -> hxxp://www.facebook.com/
InternetURL: C:\Users\Deni\Favorites\Dell\Dell Auction.url -> hxxp://www.dellauction.com/
InternetURL: C:\Users\Deni\Favorites\Dell\Dell Internet Security.url -> hxxp://support.dell.com/support/topics/global.aspx/support/security/security?c=us&cs=19&l=en&s=dhs
InternetURL: C:\Users\Deni\Favorites\Dell\Dell.url -> hxxp://www.dell.com/
InternetURL: C:\Users\Deni\Favorites\Dell\Support.Dell.Com.url -> hxxp://support.dell.com/support/index.aspx?c=us&l=en&s=gen
InternetURL: C:\Users\Deni\Documents\1040.url -> hxxp://www.thoughtpolice.com/bayboyz/1040.html
InternetURL: C:\Users\Deni\Documents\Hotmail-TheWorld_sFREEWeb-basedE-mail.url -> hxxp://64.4.8.250/cgi-bin/linkrd?_lang=EN&lah=4ff945a3c60a5ad9b7f71d3a72c25fa6&lat=974583647&hm___action=http%3a%2f%2fwww%2ecwdzyns%2ecom%2fdubya
InternetURL: C:\Users\Deni\Documents\IntelligentXbringsyou[1]....url -> hxxp://intelligentx.svwh.net/taf.html?url=hxxp://intelligentx.svwh.net/taf/toilet.htm
InternetURL: C:\Users\Deni\Documents\SeattleEarthquake.url -> hxxp://www.memail.com/fotos/Shaker.html
InternetURL: C:\Users\Deni\Desktop\Dell By MSN.url -> hxxp://dell.msn.com/
InternetURL: C:\Users\Deni\Desktop\Unused Desktop Shortcuts\Best Card for Quicken Users - low APR, optional rewards program.url -> hxxp://qw2005.quicken.com/cgi-bin/qd.cgi/w/2005/25224
InternetURL: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> hxxp://www.dropbox.com
InternetURL: C:\Users\Deni\AppData\Local\Google\Toolbar\3B259C2E-20DB-4257-93E2-17C023D21970.url -> 0
InternetURL: C:\Users\Guest\Favorites\Bing.url -> hxxp://g.msn.com/1me10IE9ENUS/401
InternetURL: C:\Users\Guest\Favorites\Discover Bing.url -> hxxp://g.msn.com/1me10IE9ENUS/402
InternetURL: C:\Users\Guest\Favorites\Microsoft Picture It! Home Page.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=pictureit&ar=home&plcid=0x0409
InternetURL: C:\Users\Guest\Favorites\MSN.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.0&ar=IStart
InternetURL: C:\Users\Guest\Favorites\Radio Station Guide.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=windows&sbp=mediaplayer&plcid=&pver=6.1&os=&over=&olcid=&clcid=&ar=Media&sba=RadioBar&o1=&o2=&o3=
InternetURL: C:\Users\Guest\Favorites\Web Events.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=windows&sbp=mediaplayer&plcid=&pver=5.2&os=&over=&olcid=&clcid=&ar=Media&sba=Showcase&o1=&o2=&o3=
InternetURL: C:\Users\Guest\Favorites\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\Guest\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\Guest\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\Guest\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\Guest\Favorites\MSN Websites\MSN Autos.url -> hxxp://g.msn.com/1me10IE9ENUS/405
InternetURL: C:\Users\Guest\Favorites\MSN Websites\MSN Entertainment.url -> hxxp://g.msn.com/1me10IE9ENUS/406
InternetURL: C:\Users\Guest\Favorites\MSN Websites\MSN Lifestyle.url -> hxxp://g.msn.com/1me10IE9ENUS/407
InternetURL: C:\Users\Guest\Favorites\MSN Websites\MSN Money.url -> hxxp://g.msn.com/1me10IE9ENUS/408
InternetURL: C:\Users\Guest\Favorites\MSN Websites\MSN Sports.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\Guest\Favorites\MSN Websites\MSN.url -> hxxp://g.msn.com/1me10IE9ENUS/403
InternetURL: C:\Users\Guest\Favorites\MSN Websites\MSNBC News.url -> hxxp://g.msn.com/1me10IE9ENUS/404
InternetURL: C:\Users\Guest\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Guest\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Users\Guest\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://g.msn.com/1me10IE9ENUS/409
InternetURL: C:\Users\Guest\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://g.msn.com/1me10IE9ENUS/410
InternetURL: C:\Users\Guest\Favorites\Microsoft Websites\Microsoft Showcase.url -> hxxp://g.msn.com/1me10IE9ENUS/413
InternetURL: C:\Users\Guest\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://g.msn.com/1me10IE9ENUS/411
InternetURL: C:\Users\Guest\Favorites\Microsoft Websites\Microsoft.com.url -> hxxp://g.msn.com/1me10IE9ENUS/412
InternetURL: C:\Users\Guest\Favorites\Links\Customize Links.url -> hxxp://go.microsoft.com/fwlink/?LinkId=53540
InternetURL: C:\Users\Guest\Favorites\Links\Free Hotmail.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=hotmail
InternetURL: C:\Users\Guest\Favorites\Links\Microsoft Picture It! Home Page.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=pictureit&ar=home&plcid=0x0409
InternetURL: C:\Users\Guest\Favorites\Links\Suggested Sites.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Guest\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315

==================== End of log =============================


----------



## migolfergirl (Oct 17, 2006)

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-05-2015 01
Ran by Deni at 2015-05-13 18:47:35
Running from C:\Users\Deni\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2470467007-3615624817-2011931734-500 - Administrator - Disabled)
Deni (S-1-5-21-2470467007-3615624817-2011931734-1000 - Administrator - Enabled) => C:\Users\Deni
Guest (S-1-5-21-2470467007-3615624817-2011931734-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-2470467007-3615624817-2011931734-1005 - Limited - Enabled)
Sonos (S-1-5-21-2470467007-3615624817-2011931734-1022 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
AIO_Scan (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Amazon Kindle For PC v1.1 (HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\...\Amazon Kindle For PC) (Version: - )
Apple Application Support (32-bit) (HKLM\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{28ED482A-56DB-47D9-8D9E-990FA8CD7D3D}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.2 (HKLM\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Avast Internet Security (HKLM\...\avast) (Version: 10.2.2218 - AVAST Software)
avast! EasyPass (HKLM\...\AI RoboForm) (Version: 7-7-8-128 - AVAST Software)
Avery Template (HKLM\...\{A760067A-C07E-1033-0000-A764AC000010}) (Version: 2.0.0.0 - Avery)
BlackBerry Desktop Software 6.0.2 (HKLM\...\BlackBerry_Desktop) (Version: 6.0.2.42 - Research In Motion Ltd.)
BlackBerry Desktop Software 6.0.2 (Version: 6.0.2.42 - Research In Motion Ltd.) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C8100 (Version: 130.0.365.000 - Hewlett-Packard) Hidden
C8100_Help (Version: 100.0.206.000 - Hewlett-Packard) Hidden
Click'N Design 3D (V5) (HKLM\...\Click'N Design 3D (V5)) (Version: v5.x.x - Stomp Inc.)
Copy (Version: 130.0.428.000 - Hewlett-Packard) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery Manager (HKLM\...\{731B0E4D-F4C7-450C-95B0-E1A3176B1C75}) (Version: 1.1.0 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
FileOpen Client (HKLM\...\{857CBF4A-192C-44B0-86A5-6281FCEFA1FE}) (Version: 3.0.16.879 - FileOpen Systems, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hallmark Card Studio 2008 Deluxe (HKLM\...\{747A6A10-DA58-48C2-A1F0-C15514419C8A}) (Version: 9.0.0.9 - Creative Home)
Hallmark Card Studio 2011 Deluxe (HKLM\...\{62687EAC-F27D-49AC-A0E2-3899B0459113}) (Version: 12.0.2.6 - Hallmark Software)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. 2 (HKLM\...\{988329F4-A1A1-4D51-803C-EF2725A97627}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Solutions Framework (HKLM\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
IntelliMover (HKLM\...\{B6751A10-2389-4AEF-870A-4DD925F48733}) (Version: 3.63 - Detto Technologies)
iPod for Windows 2006-06-28 (Version: 4.7.0 - Apple Computer, Inc.) Hidden
iTunes (HKLM\...\{B8032A6B-C4D0-4744-B75F-9DDCB56B5C6F}) (Version: 12.1.0.71 - Apple Inc.)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LAME v3.98.2 for Audacity (HKLM\...\LAME for Audacity_is1) (Version: - )
Livescribe Helper (HKLM\...\Livescribe Helper 1.0.2) (Version: 1.0.2 - Livescribe Inc)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Digital Image Suite 2006 (HKLM\...\PictureItSuite_v11) (Version: 11.0.0422 - Microsoft Corporation)
Microsoft Greetings 2000 (HKLM\...\{5264E937-B015-11D2-8C0E-00C04FBBCFF9}) (Version: 4.0.0000 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{B6AC9178-8DE8-4654-97C8-7B71C7CBE683}) (Version: 3.50.242.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office XP Media Content (HKLM\...\{90300409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2619.0 - Microsoft Corporation)
Microsoft Picture It! 2000 (HKLM\...\{E78FC917-C21B-11D2-99FE-00105A98B681}) (Version: 4.0.0.0 - Microsoft)
Microsoft Search Enhancement Pack (HKLM\...\{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}) (Version: 3.0.133.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 38.0 (x86 en-US) (HKLM\...\Mozilla Firefox 38.0 (x86 en-US)) (Version: 38.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Network (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Nikon Message Center (HKLM\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.91.000 - )
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OverDrive Media Console (HKLM\...\{D4AFC7AD-F637-4EDD-BC76-767E4AF78CE1}) (Version: 3.2.5 - OverDrive, Inc.)
PHOTOfunSTUDIO 5.0 (HKLM\...\{959282E3-55A9-49D8-B885-D27CF8A2FD82}) (Version: 5.00.209 - Panasonic Corporation)
PictureProject (HKLM\...\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}) (Version: 1.0 - )
PictureProject In Touch Downloader 1.0 (HKLM\...\PictureProject In Touch Downloader) (Version: 1.0 - Fotonation Inc.)
PowerDVD DX (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)
PS_AIO_02_ProductContext (Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software (Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (Version: 130.0.365.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealDownloader (Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5859 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Roxio Creator DE 10.3 (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.3 - Roxio)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sonos Controller (HKLM\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 28.1.83040 - Sonos, Inc.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden
vanBasco's Karaoke Player (HKLM\...\VMidi) (Version: - )
Video Downloader (Version: 1.0.0 - RealNetworks) Hidden
WD Diagnostics (HKLM\...\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}) (Version: 1.09.0002 - Western Digital Technologies)
WD Drive Manager (x86) (HKLM\...\{E934E2A2-BE3B-4C1A-A3D9-753FFB2B38B4}) (Version: 2.103 - Western Digital)
WebEx (HKLM\...\ActiveTouchMeetingClient) (Version: - WebEx Communications, Inc)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{00021401-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{03022430-ABC4-11D0-BDE2-00AA001A1953}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{2933BF90-7B36-11D2-B20E-00C04F983E60}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{4657278A-411B-11D2-839A-00C04FD918D0}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{4E77131D-3629-431C-9818-C5679DC83E81}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{BDEADF00-C265-11D0-BCED-00A0C90AB50F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{CFC399AF-D876-11D0-9C10-00C04FC99C8E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{D0A03AD0-F49C-4E01-9C1D-CA3B7B73B08E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{D3C25535-8D07-4A8E-B24F-B917CCD78A0F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FF4FF418-2C5B-455E-B4E6-B530FABF04AF}\InprocServer32 -> No File Path

==================== Restore Points =========================

04-03-2015 15:54:22 Installed HP Support Solutions Framework
23-03-2015 09:23:28 avast! antivirus system restore point
23-03-2015 09:27:35 Device Driver Package Install: Avast Network Service
03-04-2015 13:47:14 Installed DirectX
03-04-2015 13:48:43 Installed DirectX
03-04-2015 13:49:22 Installed DirectX
03-04-2015 13:53:58 Windows Live Essentials
03-04-2015 13:54:13 WLSetup
03-04-2015 13:58:31 Removed Microsoft SQL Server Compact 3.5 SP1 English
03-04-2015 13:59:09 Removed Microsoft Visual C++ 2005 Redistributable
03-04-2015 14:00:08 Removed Microsoft Visual C++ 2005 Redistributable
06-04-2015 12:34:22 Windows Update
07-04-2015 19:23:45 Installed HP Support Solutions Framework
09-04-2015 09:17:15 Removed Adobe Reader XI (11.0.10).
09-04-2015 09:20:31 Removed Adobe Reader XI (11.0.10).
25-04-2015 11:31:16 avast! antivirus system restore point
25-04-2015 11:34:52 Device Driver Package Install: Avast Network Service
12-05-2015 12:40:42 Installed Microsoft SQL Server 2005 Compact Edition [ENU]
12-05-2015 17:57:01 Removed IntelliMover
12-05-2015 17:58:51 Installed IntelliMover
12-05-2015 19:03:35 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
12-05-2015 19:04:26 Removed IntelliMover
12-05-2015 19:05:50 Removed IntelliMover
12-05-2015 19:07:59 Removed UpdateAdmin
12-05-2015 23:01:48 Restore Operation
12-05-2015 23:07:22 avast! antivirus system restore point
12-05-2015 23:14:51 Device Driver Package Install: Avast Network Service
13-05-2015 01:00:27 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:04 - 2009-06-10 14:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {09CDC56C-157C-4D97-B694-C954514959BD} - System32\Tasks\{14B3793A-EB0B-422F-9A42-9840F1BD94A4} => C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company)
Task: {14EB18A4-C6D1-4E57-8086-943D4491AA10} - System32\Tasks\{B8026622-9AD3-4356-8649-B6B687800D4C} => C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company)
Task: {23993E91-BFCA-4E53-B877-CD9CC4481550} - System32\Tasks\{5EE11670-9C92-402B-A890-EB48E98FC995} => pcalua.exe -a "C:\Trend Micro\HiJackThis\HiJackThis.exe" -d "C:\Trend Micro\HiJackThis\"
Task: {25047F3E-1D94-4C4B-9639-E0F1CE75905E} - System32\Tasks\{5EDCAD6D-F5A7-4BDD-BB73-50652E6D0048} => C:\Program Files\Creative Home\Hallmark Card Studio 2008 Deluxe\Hallmark Card Studio 2008.exe [2007-10-03] (Creative Home)
Task: {2D1D20BC-C6AC-486B-BC09-99787270D2B8} - System32\Tasks\{92BDDB71-A593-4476-929D-5DF646C613F7} => pcalua.exe -a "C:\Program Files\Alwil Software\Avast5\aswRunDll.exe" -c "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
Task: {323F99AB-6687-4B4C-800F-067F56D445C8} - System32\Tasks\avastBCLRestartS-1-5-21-2470467007-3615624817-2011931734-1000 => Firefox.exe 
Task: {33A98323-A90C-42EA-80CD-4CAFBD8FF3BE} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2470467007-3615624817-2011931734-1000 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.)
Task: {35E52F66-79FD-4DC8-A047-B9E89EA35DB8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-25] (Avast Software s.r.o.)
Task: {40919781-71D7-4F14-B8AB-20708B031216} - System32\Tasks\{7AC56557-FCAC-47B0-840D-68FB7ADE342C} => pcalua.exe -a D:\setup.exe -d D:\
Task: {515DB207-623C-4113-BCD9-7CAD89430F3B} - System32\Tasks\{12C2787B-FF61-4A21-B1FB-12256565DB97} => C:\Program Files\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {5C1C2EAC-91A1-4E3A-898D-3D455E8529A6} - System32\Tasks\{A4FC6B95-5BA4-46AA-834C-E96B9DD9D4BD} => C:\Program Files\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {64988D79-7CFB-4E7D-A588-C7BE060C4C8E} - System32\Tasks\{4642BD82-2027-4DFA-A10E-D2520EC65795} => pcalua.exe -a C:\Users\Deni\Downloads\HijackThis(1).exe -d C:\Users\Deni\Downloads
Task: {6B8B8C60-1FD1-4E92-95D2-B5301F17FBDF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {6DD6CA3F-2CFC-40A3-A585-41CB44E81EA0} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2470467007-3615624817-2011931734-1000 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.)
Task: {6E42190C-26A9-407B-9641-114B8F5FAE2E} - System32\Tasks\{E82068A0-FCC9-41A4-BD07-6E61187E06C8} => C:\Users\Deni\Desktop\vanBasco's Karaoke Player\vmidi.exe
Task: {7059248C-5CFC-4201-B467-A756DA81FFFA} - System32\Tasks\{E8776687-41C6-495A-9CF6-02EEF044E981} => pcalua.exe -a "C:\Windows\TEMP\avast_ash\Adobe AIR\AdobeAIRInstaller.exe" -d C:\Windows\system32
Task: {739F3D1C-FF7F-44EA-8D7C-184CA167D268} - System32\Tasks\{A7BC9E6E-D3B7-4A59-865B-81A62EC153DC} => pcalua.exe -a "C:\Users\Deni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\79A6NEDS\vkaraoke[1].exe" -d C:\Users\Deni\Desktop
Task: {7B2E5C77-7568-4BF2-8D53-55C324331B18} - System32\Tasks\{2329800E-0AD0-4363-9316-EE9B55B62659} => C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company)
Task: {7DD1BF38-B372-4F4D-BA7C-67B81F8BE552} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {943DD186-E7C3-407F-AB57-AFE4169C1ADF} - System32\Tasks\{C85B9E07-8AA4-4E03-8465-4E7EA3A1FFC2} => C:\Program Files\vanBasco's Karaoke Player\vmidi.exe [2004-03-11] ()
Task: {A3E48FAA-E243-4D8D-B1A7-A7F71243A6C8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {A4B7423F-40AC-4344-A0DA-50AE8A9AE8EB} - System32\Tasks\{161DDA94-2C3D-4DDC-BA23-B03CD141F01C} => C:\Program Files\vanBasco's Karaoke Player\vmidi.exe [2004-03-11] ()
Task: {AD59AF74-8CB1-4C46-8AC3-88FA20F20A86} - \Run RoboForm TaskBar Icon No Task File <==== ATTENTION
Task: {B186D63E-6DB3-431C-9FE2-CC36F69A4C42} - System32\Tasks\{95654363-9C61-467A-8D87-005ED22527DF} => pcalua.exe -a "C:\Program Files\Common Files\DVDVideoSoft\Uninstall.exe"
Task: {C5CD3108-424C-48BF-BD9C-A2984E3982B8} - System32\Tasks\{8E76E976-D801-4766-B995-0BC296F05C42} => pcalua.exe -a "C:\Users\Deni\Desktop\vanBasco's Karaoke Player\uninst.exe" -d "C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vanBasco's Karaoke Player"
Task: {C77D8EC2-3DF7-4E15-8A7A-D6EA547C6F85} - System32\Tasks\{BF77CC00-8B94-40BD-9C4C-FE8F78DC379A} => C:\Users\Deni\Desktop\vanBasco's Karaoke Player\vmidi.exe
Task: {D3955990-50B1-41BF-B9EF-FB7DAA0EA003} - System32\Tasks\RealDownloader Update Check => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
Task: {E92A3065-6C71-42FE-A543-591E058F4B66} - System32\Tasks\{E4304D56-C64D-4DC0-AA38-55849AE050EE} => C:\Program Files\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {F0F0D972-4506-4E4D-9A54-AADB4F53A4B9} - System32\Tasks\{4C30C2DD-54A1-43DF-A4AE-C67A583E41E2} => pcalua.exe -a F:\setup.exe -d F:\
Task: {F4269D93-E842-4A9C-9867-7DA240177BB6} - System32\Tasks\{5BD0D882-76BC-4AF7-A815-DD3BE4A4EB64} => pcalua.exe -a D:\Launcher.exe -d D:\
Task: {FEE56706-F5E7-491D-A629-3F3F85D78F4B} - System32\Tasks\{67DC3A3E-113B-4C67-8274-E7FAAB80CC76} => C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-04-25 11:33 - 2015-04-25 11:33 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-25 11:33 - 2015-04-25 11:33 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-13 06:28 - 2015-05-13 06:28 - 02927616 _____ () C:\Program Files\AVAST Software\Avast\defs\15051301\algo.dll
2015-05-13 12:55 - 2015-05-13 12:55 - 02927616 _____ () C:\Program Files\AVAST Software\Avast\defs\15051302\algo.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-23 09:25 - 2015-03-23 09:25 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-11-05 16:35 - 2012-11-05 16:35 - 00276992 ____N () C:\Program Files\Common Files\Livescribe\PenComm\PenCommSdk.dll
2014-10-29 20:06 - 2014-10-29 20:06 - 00560192 _____ () C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
2014-10-29 20:01 - 2014-10-29 20:01 - 01382048 _____ () C:\Program Files\RealNetworks\RealDownloader\cpprest100_1_2.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 20722336 _____ () C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00322208 _____ () C:\Program Files\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 34089120 _____ () C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
2011-02-10 09:09 - 2011-02-10 09:09 - 09352576 _____ () C:\Program Files\Creative Home\Hallmark Card Studio 2011 Deluxe\HCS.exe
2010-12-20 15:31 - 2010-12-20 15:31 - 00056744 _____ () C:\Program Files\Creative Home\Hallmark Card Studio 2011 Deluxe\UserExperienceRecorder.dll
2011-02-10 09:09 - 2011-02-10 09:09 - 00101264 _____ () C:\Program Files\Creative Home\Hallmark Card Studio 2011 Deluxe\MonetEngine.dll
2010-12-20 15:30 - 2010-12-20 15:30 - 00634248 _____ () C:\Program Files\Creative Home\Hallmark Card Studio 2011 Deluxe\HaruPDF.dll
2011-02-10 09:09 - 2011-02-10 09:09 - 00031128 _____ () C:\Program Files\Creative Home\Hallmark Card Studio 2011 Deluxe\MonetFramework.dll
2011-02-10 09:09 - 2011-02-10 09:09 - 00099208 _____ () C:\Program Files\Creative Home\Hallmark Card Studio 2011 Deluxe\MonetData.dll
2010-12-20 15:30 - 2010-12-20 15:30 - 00016264 _____ () C:\Program Files\Creative Home\Hallmark Card Studio 2011 Deluxe\AexReader.dll
2014-03-31 21:35 - 2014-03-31 21:35 - 00270016 _____ () C:\Program Files\Windows Live\Writer\en\WindowsLive.Writer.Localization.resources.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Deni\Documents\FwBlondeBreakdown.eml:OECustomProperty
AlternateDataStreams: C:\Users\Deni\Documents\FWRulestoLiveByFw.eml:OECustomProperty
AlternateDataStreams: C:\Users\Deni\Documents\Hi + resume.eml:OECustomProperty
AlternateDataStreams: C:\Users\Deni\Documents\HMO.eml:OECustomProperty
AlternateDataStreams: C:\Users\Deni\Documents\MarriageOne-liners.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\Software\Classes\.exe: => <===== ATTENTION!

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Event Planner Reminder 2008.lnk => C:\Windows\pss\Event Planner Reminder 2008.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Event Planner Reminder.lnk => C:\Windows\pss\Event Planner Reminder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Works Calendar Reminders.lnk => C:\Windows\pss\Microsoft Works Calendar Reminders.lnk.CommonStartup
MSCONFIG\startupreg: AddressBookReminderApp => C:\Program Files\Creative Home\Hallmark Card Studio 2011 Deluxe\ReminderApp.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{F6BF4938-C7AC-45D7-BE8E-2D62C2CD8655}] => (Allow) svchost.exe
FirewallRules: [{C14DA69F-67EC-4172-A581-834839055449}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{083CF558-C30A-4D20-991B-401F43A5E1A1}] => (Allow) C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe
FirewallRules: [{E3939DA1-FDB3-4761-AFB4-FA5CBEBB3518}] => (Allow) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
FirewallRules: [TCP Query User{D94FF4E3-369A-4794-BB22-C51B935CA81F}C:\program files\intellimover\ftu.exe] => (Allow) C:\program files\intellimover\ftu.exe
FirewallRules: [UDP Query User{4550C1D9-DFD5-49CD-8ACE-C2F8B5873A62}C:\program files\intellimover\ftu.exe] => (Allow) C:\program files\intellimover\ftu.exe
FirewallRules: [{036ED114-87AD-43C4-8978-C3A45A20433B}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS0C0E\setup\hpznui01.exe
FirewallRules: [{DFDE62BE-CC86-4673-A1F7-F42977AEDA9F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{5C9191BB-66FD-4F16-A414-4DCBD433FA56}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{FECF3292-329A-42B6-8541-F12659C7DC98}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{1313B423-DEA9-47F1-8FB4-5E5658B75E1B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{DD9F3498-9E37-4A98-B54D-CD72272F8C14}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{FF258F2A-2961-43AE-990D-E7ED24B3B706}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{AE4470B6-05C8-4D1E-961C-FA475153E5DF}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{210665B1-09B4-4A6E-B5F4-AD0FDF9B6FC7}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{C13EEDDA-0B60-402E-BC1B-C5BF8685F3F6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{B566B598-6350-4B1B-820A-D51F582863C5}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{B6455810-AB63-4D40-B78A-E36C69BF24E6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{F568CE69-7108-4C42-BDB1-18C688175E1C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{D49EA720-B413-4F02-89A7-60CA80493511}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{4FAA906C-07D6-4432-AF2F-11D82F78804F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{B9CB9064-8EBF-441F-B304-C997CBE0BAA9}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{A713A0CC-9455-4925-B2D5-0F59EFA7BBB2}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{5C08087D-82E3-4781-A064-17BB7A902B19}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{DF4E6343-8A95-434F-9215-87EBF61A056A}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{E3836EE4-CC7F-4D5F-9DAB-8A6479127021}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{4C545C9A-F71E-422E-B6AC-543A90CC507E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{F5E56357-421F-44E2-99E3-CC45C712B071}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{2D66E08C-0C79-4496-832D-D4E60EC111FA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{D367313E-EE8B-4984-8668-6973AA05D2C2}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe
FirewallRules: [{B3629639-8F15-419C-9A88-F57B2932FB9A}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{8133B47E-4670-408F-BC83-B23BB700D5CE}C:\program files\intellimover\ftu.exe] => (Allow) C:\program files\intellimover\ftu.exe
FirewallRules: [UDP Query User{D4B6D1FA-1F54-44AF-A3D3-FBCED352C7CE}C:\program files\intellimover\ftu.exe] => (Allow) C:\program files\intellimover\ftu.exe
FirewallRules: [TCP Query User{81F25798-A45B-49D7-A5E3-B6C4C9A4B315}C:\program files\limewire\limewire.exe] => (Block) C:\program files\limewire\limewire.exe
FirewallRules: [UDP Query User{6C0B64EC-F258-45C3-A6C0-7F234C845AB3}C:\program files\limewire\limewire.exe] => (Block) C:\program files\limewire\limewire.exe
FirewallRules: [{DBF83457-79A0-4FC5-BD12-4E7A495D0376}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{C4D92381-B0E4-4960-ABE6-DE94E04EDF85}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{0860F047-3511-415E-B8E2-2092C17F56AF}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{354267FB-C8F7-48D2-B12D-D34FFDD68B38}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{80D5F0DA-ED78-4A2C-B71B-7C3DA46AF0B4}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{0BBDD863-C04A-47AE-97A8-13CEB82FC9FE}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{C42C9F61-1806-4640-A04A-9D413B83BCDB}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{29D2A685-C06E-4DAF-9C93-97E9F4E5B910}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{E7F6DAD3-8826-4384-8CA9-D440CB335A12}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{D0D33291-B841-4A33-A723-B50B19AF9CA6}] => (Allow) C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{10BDE182-A458-4813-B8DA-EF1D04C82607}] => (Allow) C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{B8F2EF62-0416-4331-9D0F-97908B6EAAB7}] => (Allow) LPort=4481
FirewallRules: [{4F5161AC-2FD3-4323-8929-CF2E385E5416}] => (Allow) LPort=4481
FirewallRules: [{E1928657-5FB4-43AB-BC90-2381801A10BB}] => (Allow) LPort=4482
FirewallRules: [{37D1C610-86E8-4BA4-9654-B93509304E45}] => (Allow) LPort=4482
FirewallRules: [{99A7B115-8BD2-47DE-9683-9C569DCA9B1B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0F0FF758-5F4B-4734-B0C1-FC7375AEE19A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1FA9FA2C-0D8F-43CD-82C5-679CBB0C6BB2}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS100C\HPDiagnosticCoreUI.exe
FirewallRules: [{1563DC08-749D-4531-9348-C35819BFB1C4}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS100C\HPDiagnosticCoreUI.exe
FirewallRules: [{5D4FAD5E-3CC8-4DBF-BAD4-0A918ECAC27C}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS4C57\hppiw.exe
FirewallRules: [{B44AEC71-5856-4470-8BAA-09FDB9EA1215}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS4C57\hppiw.exe
FirewallRules: [{3DABE032-829B-4F81-862A-3433578B92A4}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS3FB2\hppiw.exe
FirewallRules: [{7F00DCDA-3B63-4D2A-8B0F-308BDFDD452B}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS3FB2\hppiw.exe
FirewallRules: [{65BE7EBA-B147-4A42-8702-88BC9048F0E4}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS2A8B\HPDiagnosticCoreUI.exe
FirewallRules: [{C46AF6BC-DDBA-43D4-AA71-D540B6C9197F}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS2A8B\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{A9F3E014-4796-4FE0-9DF0-682F3AA0A5D6}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{809B8080-26DA-4DA7-8ADB-C95FA857DF60}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [{906DD7A1-E9C6-49E2-92BF-69BFE8AA8C7D}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS358A\hppiw.exe
FirewallRules: [{94967643-C0A7-4364-B585-866382B7B227}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS358A\hppiw.exe
FirewallRules: [{71B6158E-E738-47E8-93B2-5CED324B24A1}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS3216\HPDiagnosticCoreUI.exe
FirewallRules: [{0E3F0B29-A969-4937-BB31-093474C88006}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS3216\HPDiagnosticCoreUI.exe
FirewallRules: [{72A56E8E-9B08-44F8-906E-9557AEFDADF4}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS2DF3\HPDiagnosticCoreUI.exe
FirewallRules: [{C5681341-4FC2-472D-83D1-7FDC90133904}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS2DF3\HPDiagnosticCoreUI.exe
FirewallRules: [{50F91064-B456-4E90-B80B-2ABF2BD296B5}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS338D\HPDiagnosticCoreUI.exe
FirewallRules: [{9E66DFCE-ED53-40A0-AEA6-75629A25A04D}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS338D\HPDiagnosticCoreUI.exe
FirewallRules: [{2CFC08B8-9DB0-4D12-897D-C9D5104AD12F}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS33CB\HPDiagnosticCoreUI.exe
FirewallRules: [{2CC28ADE-F78F-41DB-9A8A-7AE6995125CF}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS33CB\HPDiagnosticCoreUI.exe
FirewallRules: [{6F092720-1784-4BF8-8479-B5EE7C9B5C55}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS3AC8\hppiw.exe
FirewallRules: [{8C26FB33-4F55-40A6-8F75-EBB3FF23859A}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS3AC8\hppiw.exe
FirewallRules: [{43878482-0FC2-4F25-AB93-6C363753B64C}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS6708\hppiw.exe
FirewallRules: [{F294645E-CC89-45C0-99B1-A3A73417691F}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS6708\hppiw.exe
FirewallRules: [{D32AE993-771E-4DE5-8C07-50D435659B7D}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS68AE\HPDiagnosticCoreUI.exe
FirewallRules: [{7FB476CC-1FEA-43E7-B808-DB057CE5C61C}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS68AE\HPDiagnosticCoreUI.exe
FirewallRules: [{69C12F37-64B9-47FA-92E8-E5AC67E84ED5}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS68DB\HPDiagnosticCoreUI.exe
FirewallRules: [{BAA78B8A-98E7-4242-B03E-5B8BAF47E932}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS68DB\HPDiagnosticCoreUI.exe
FirewallRules: [{53C5698E-ACBB-45F5-9543-42F9D9698207}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS061E\hppiw.exe
FirewallRules: [{8F8B28DC-9A4D-4AC0-8921-F07E4BDF2C2E}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS061E\hppiw.exe
FirewallRules: [{088C5DC4-B629-47AA-9A17-54741F0D7408}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS30B2\HPDiagnosticCoreUI.exe
FirewallRules: [{5530BA87-390C-4323-B8AA-E3F2A3C2D8E5}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS30B2\HPDiagnosticCoreUI.exe
FirewallRules: [{EFE0E2F3-E175-4DC3-B0FE-23F058B108C8}] => (Allow) C:\Users\Deni\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C32158F7-5DFA-4962-9F58-53C42F350510}] => (Allow) C:\Users\Deni\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{0CFB6911-CDA0-4141-B08A-2DD74A53C932}C:\users\deni\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\deni\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B82D8002-2136-4F82-B6B6-D8916297B3BE}C:\users\deni\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\deni\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{647831B8-8FF7-42E3-839E-9F9ACF8B6064}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS0902\hppiw.exe
FirewallRules: [{FF443AFE-1601-4544-8F59-7F5A5CA1F526}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS0902\hppiw.exe
FirewallRules: [{E29201C7-04F4-4BAF-8BED-96B808ED7F22}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS5D8A\hppiw.exe
FirewallRules: [{2021DF06-4DCB-4C9F-A9A2-4FE4AABB9EC6}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS5D8A\hppiw.exe
FirewallRules: [{29C53643-E3FB-451D-BFD2-D97F36419BB6}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS6319\HPDiagnosticCoreUI.exe
FirewallRules: [{2C189A71-8804-4E76-8C2D-8D24F9959F1B}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS6319\HPDiagnosticCoreUI.exe
FirewallRules: [{1823C72E-7FEA-4299-B534-75B47DFCAB3B}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS66D3\HPDiagnosticCoreUI.exe
FirewallRules: [{4BB07C17-3DBE-439C-B242-1A410D6B953B}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS66D3\HPDiagnosticCoreUI.exe
FirewallRules: [{1D4E0BAF-38A7-43A4-B6C5-3FAE27FA5F9F}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{89A75790-A8C5-42FE-91D4-CBC222982CC4}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A54EF524-843E-4426-92CB-C18522C4E0BC}] => (Allow) LPort=2869
FirewallRules: [{9A6131CC-843F-4FDB-BDFA-01FB54627A8D}] => (Allow) LPort=1900
FirewallRules: [{188B9D9C-16BB-4A8E-A914-20C8D494BAAD}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS0B78\HPDiagnosticCoreUI.exe
FirewallRules: [{A5AF31A4-6DE8-41C9-B3B8-8430CE764E47}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS0B78\HPDiagnosticCoreUI.exe
FirewallRules: [{55F23509-2C33-47D8-8A01-CFD9032BA5F4}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS0BD0\HPDiagnosticCoreUI.exe
FirewallRules: [{3DFFC030-565B-4D57-81CD-330584933372}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS0BD0\HPDiagnosticCoreUI.exe
FirewallRules: [{E19C252C-5D32-4523-B2FF-3339CDFA8F5F}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS5D26\HPDiagnosticCoreUI.exe
FirewallRules: [{E55529B6-EC64-4B69-8C70-A54B6DCF567E}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS5D26\HPDiagnosticCoreUI.exe
FirewallRules: [{2CDC84D6-24E9-4D97-9F64-80A81F018FA6}] => (Allow) C:\Users\Deni\AppData\Local\Temp\nsn3FEF.tmp\CnetInstaller-76037274.exe
FirewallRules: [{A6E07F7E-E2E3-4E4D-B3EC-8D0EF56C166A}] => (Allow) C:\Users\Deni\AppData\Local\Temp\nsn3FEF.tmp\CnetInstaller-76037274.exe
FirewallRules: [{BCA72890-6238-47E8-A182-571EECE8AC74}] => (Allow) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{E93C9CC1-5269-44F1-8C18-87695BB4FD2A}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS50FC\HPDiagnosticCoreUI.exe
FirewallRules: [{F7BA8AC1-E69F-4D4F-840E-9E494E560E72}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS50FC\HPDiagnosticCoreUI.exe
FirewallRules: [{DF0BCC57-5CF8-45FC-9A24-0C97FCD66974}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS12FD\HPDiagnosticCoreUI.exe
FirewallRules: [{04BFE2CB-8B62-4287-A93C-D9B6129088A3}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS12FD\HPDiagnosticCoreUI.exe
FirewallRules: [{7374A8A8-A9B8-4D13-A0E3-2CA3BF4743CF}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS1335\HPDiagnosticCoreUI.exe
FirewallRules: [{CE9CD310-DF05-4C05-B8FD-23CE3845A496}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS1335\HPDiagnosticCoreUI.exe
FirewallRules: [{FC833148-B9BA-4823-BED5-1D46D6B868B4}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS0EDC\HPDiagnosticCoreUI.exe
FirewallRules: [{9A8B53BA-C360-4591-B5BA-127DA01C9CA1}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS0EDC\HPDiagnosticCoreUI.exe
FirewallRules: [{8873952E-1D29-43A1-9695-324BBD9A6861}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{467FC82C-ACC6-44BB-9131-F1FC3340AC24}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{0CDAFA68-B7FD-487E-823D-C2206F39F380}C:\program files\sonos\sonos.exe] => (Allow) C:\program files\sonos\sonos.exe
FirewallRules: [UDP Query User{12DDC536-936C-4990-A4A5-28AA64E59E47}C:\program files\sonos\sonos.exe] => (Allow) C:\program files\sonos\sonos.exe
FirewallRules: [{DB324AEC-2726-4EFB-85E1-754D3EB88DD6}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{0E060DB6-16EA-4FA0-B6E1-CEDC26E32121}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{175A9360-60C4-420A-8CCF-479E2C291FC0}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{436616E4-3B0F-40E1-9A80-8E509F35D13C}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS734D\HPDiagnosticCoreUI.exe
FirewallRules: [{406394B5-F72F-4B06-ABA5-BBCC830561C7}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS734D\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{974700B7-1677-4DE5-B4CF-443910D2F37C}C:\users\deni\appdata\local\temp\7zs734d\hpdiagnosticcoreui.exe] => (Allow) C:\users\deni\appdata\local\temp\7zs734d\hpdiagnosticcoreui.exe
FirewallRules: [UDP Query User{0A8946B8-E4DE-41F5-83E2-355B7F040C0E}C:\users\deni\appdata\local\temp\7zs734d\hpdiagnosticcoreui.exe] => (Allow) C:\users\deni\appdata\local\temp\7zs734d\hpdiagnosticcoreui.exe
FirewallRules: [{36119141-BCBF-4948-859B-200ABEDBFA2E}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS619D\HPDiagnosticCoreUI.exe
FirewallRules: [{9A2FB5C7-B63F-4214-8CCC-5C5072429FC5}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS619D\HPDiagnosticCoreUI.exe
FirewallRules: [{B79B691D-3593-486E-8DFF-C441E164B094}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{AE8A8E0E-D366-44C6-A674-D808C0C0AA9F}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{3A97C63A-F18E-4FFE-9A55-BBCD472BC998}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Photosmart C8100 series
Description: Photosmart C8100 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/13/2015 05:12:26 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (05/13/2015 03:20:36 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (05/13/2015 03:16:11 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (05/13/2015 10:48:36 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Installed Microsoft SQL Server 2005 Compact Edition [ENU]). Additional information: 0xc0000022.

Error: (05/13/2015 01:00:30 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Avast! Firewall Driver.

System Error:
The system cannot find the file specified.
.

Error: (05/12/2015 11:57:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/12/2015 11:53:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/12/2015 11:52:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/12/2015 11:50:47 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (05/12/2015 11:07:22 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {38e7bdea-93f1-4959-aa30-e7924268a3f4}

System errors:
=============
Error: (05/13/2015 03:50:51 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Firewall service.

Error: (05/13/2015 03:50:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Firewall service.

Error: (05/13/2015 11:31:20 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (05/13/2015 11:31:20 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (05/13/2015 11:31:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The RealPlayer Cloud Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/13/2015 11:31:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).

Error: (05/13/2015 11:31:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/13/2015 11:31:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SeaPort service terminated unexpectedly. It has done this 1 time(s).

Error: (05/13/2015 11:31:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The WD Drive Manager Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/13/2015 11:31:18 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The RealPlayer Update Service service terminated unexpectedly. It has done this 1 time(s).

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 75%
Total physical RAM: 3036.99 MB
Available physical RAM: 736.26 MB
Total Pagefile: 6072.27 MB
Available Pagefile: 2793.07 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.45 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:218.14 GB) (Free:45.61 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.8 GB) (Disk ID: 71B1E4FB)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=218.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================


----------



## migolfergirl (Oct 17, 2006)

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-05-2015 01
Ran by Deni (administrator) on NEWFAMCOMP on 13-05-2015 18:46:57
Running from C:\Users\Deni\Desktop
Loaded Profiles: Deni (Available profiles: Deni & Guest)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Hewlett-Packard Company) C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Livescribe) C:\Program Files\Common Files\Livescribe\PenComm\PenCommService.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Program Files\Creative Home\Hallmark Card Studio 2011 Deluxe\HCS.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Contacts\wlcomm.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-01-20] (Apple Inc.)
HKLM\...\Run: [WD Drive Manager] => C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [430080 2008-05-16] (WDC)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7514656 2009-05-23] (Realtek Semiconductor)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\Update\realsched.exe [296520 2014-12-04] (RealNetworks, Inc.)
HKLM\...\Run: [RealDownloader] => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] ()
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-01-27] (Apple Inc.)
HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\...\Run: [TWC.Win7] => C:\Program Files\The Weather Channel\Desktop Weather\TWC.Win7.exe
HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\...\Run: [C:/Program Files/Media Freeware/Free Youtube To MP4 Converter/Free Youtube To MP4 Converter.exe] => C:\Program Files\Media Freeware\Free Youtube To MP4 Converter\Free Youtube To MP4 Converter.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk [2012-03-27]
ShortcutTarget: Microsoft Works Calendar Reminders.lnk -> C:\Windows\Installer\{5264E937-B015-11D2-8C0E-00C04FBBCFF9}\A12970B7.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk [2014-12-04]
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-26]
ShortcutTarget: Dropbox.lnk -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-04-25] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM -> {9B21041F-37E4-49AF-B708-75DD245BEB5A} URL = http://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-27] (RealDownloader)
BHO: avast! EasyPass Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files\Siber Systems\AI RoboForm\roboform.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-23] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.)
Toolbar: HKLM - avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Deni\AppData\Roaming\Mozilla\Firefox\Profiles\50f30f2v.default-1400260260566
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Cassiopesa
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-09] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-08-22] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-03-09] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=17.0.15.10 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2014-12-04] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-27] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=17.0.15.10 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-12-04] (RealPlayer Cloud)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2011-04-08] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2014-12-04] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-02-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-02-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-02-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-02-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-02-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2014-12-04] (RealPlayer Cloud)
FF SearchPlugin: C:\Users\Deni\AppData\Roaming\Mozilla\Firefox\Profiles\50f30f2v.default-1400260260566\searchplugins\cassiopesa.xml [2015-05-12]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-18]
FF HKLM\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files\Siber Systems\AI RoboForm\Firefox
FF Extension: avast! EasyPass Toolbar for Firefox - C:\Program Files\Siber Systems\AI RoboForm\Firefox [2013-02-16]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-08-13]
FF HKLM\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-12-04]
FF HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-04-24]

Chrome: 
=======
CHR Profile: C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-01]
CHR Extension: (No Name) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-12]
CHR Extension: (Google Wallet) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-29]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-23]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-25] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-04-25] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-04-25] (Avast Software)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PenCommService; C:\Program Files\Common Files\Livescribe\PenComm\PenCommService.exe [470528 2012-11-05] (Livescribe) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
S2 RealPlayer Cloud Service; C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2014-12-04] (RealNetworks, Inc.)
S2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
S2 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [102400 2008-05-16] (WDC) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-04-25] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26096 2015-04-25] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-04-25] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [271248 2015-04-25] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-04-25] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-04-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-04-25] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-04-25] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-04-25] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-04-25] ()
S3 JRAID; C:\Windows\system32\DRIVERS\jraid.sys [89048 2009-05-21] (JMicron Technology Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-05-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
S3 PulseUsb; C:\Windows\System32\DRIVERS\PulseUsb.sys [20480 2012-11-05] (Windows (R) Win 7 DDK provider) [File not signed]
S3 rcmirror; C:\Windows\System32\DRIVERS\rcmirror.sys [3328 2008-10-08] (Windows (R) Codename Longhorn DDK provider)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-03-28] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-04-25] (Avast Software)
R3 Wdm1; C:\Windows\System32\Drivers\usbbc.sys [15576 2003-07-01] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-13 18:17 - 2015-05-13 18:46 - 00019491 _____ () C:\Users\Deni\Desktop\FRST.txt
2015-05-13 18:17 - 2015-05-13 18:17 - 00000000 ____D () C:\Users\Deni\Desktop\FRST-OlderVersion
2015-05-13 13:51 - 2015-05-13 13:51 - 01307590 _____ () C:\Users\Deni\Documents\Thank bottom of my butt.hmk
2015-05-13 11:30 - 2015-05-13 11:30 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-NEWFAMCOMP-Windows-7-Professional-(32-bit).dat
2015-05-13 11:25 - 2015-05-13 11:28 - 00000000 ____D () C:\Users\Deni\AppData\Local\AvastSupport
2015-05-12 23:11 - 2015-04-25 11:33 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-12 22:57 - 2015-05-12 22:57 - 00000000 ____D () C:\RegBackup
2015-05-12 20:56 - 2015-05-12 20:56 - 00000000 ____D () C:\ProgramData\f04b3c000005f06
2015-05-12 19:02 - 2015-05-12 23:05 - 00000000 ____D () C:\Users\Deni\AppData\Local\fiso
2015-05-12 18:47 - 2015-05-12 23:05 - 00000000 ____D () C:\Program Files\user extensions
2015-05-12 18:47 - 2015-05-12 18:47 - 00000064 _____ () C:\Users\Deni\AppData\Local\9aff5a1a12d9faf30fb9a5b935a39c40
2015-05-12 12:40 - 2015-05-12 12:40 - 01819136 _____ () C:\Users\Deni\Downloads\SQLServerCE31-EN.msi
2015-05-12 12:40 - 2015-05-12 12:40 - 01819136 _____ () C:\Users\Deni\Downloads\SQLServerCE31-EN(1).msi
2015-05-07 14:23 - 2015-05-07 14:23 - 01124072 _____ (Adobe Systems Incorporated) C:\Users\Deni\Downloads\readerdc_en_ha_install.exe
2015-05-07 13:34 - 2015-05-07 13:34 - 00008213 _____ () C:\Users\Deni\Documents\cher.aspx
2015-04-27 10:45 - 2015-04-27 10:45 - 00151552 _____ () C:\Users\Deni\Documents\Half envelope DOGWOOD w add.php
2015-04-27 10:23 - 2015-04-27 10:23 - 00903010 _____ () C:\Users\Deni\Documents\Thinking of you barlow.hmk
2015-04-25 11:33 - 2015-04-25 11:33 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-25 11:32 - 2015-04-25 11:32 - 00271248 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-04-24 13:58 - 2015-05-13 15:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-13 18:46 - 2014-05-12 01:56 - 00000000 ____D () C:\FRST
2015-05-13 18:17 - 2014-08-23 15:28 - 01144320 _____ (Farbar) C:\Users\Deni\Desktop\FRST.exe
2015-05-13 18:01 - 2010-02-05 16:15 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-13 15:05 - 2010-03-24 12:05 - 00001071 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-13 14:04 - 2015-03-25 16:36 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-13 13:57 - 2014-08-26 13:30 - 00750080 _____ () C:\Users\Deni\Documents\Half env DECKEDOUT GIRL add.php
2015-05-13 13:35 - 2014-04-23 17:35 - 00000027 _____ () C:\Users\Deni\Documents\Hallmark Card Studio 2008.txt
2015-05-13 13:01 - 2010-02-05 16:15 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-13 12:17 - 2009-07-13 21:55 - 01593726 _____ () C:\Windows\WindowsUpdate.log
2015-05-13 11:59 - 2009-11-18 18:43 - 00000000 ____D () C:\Users\Deni\Documents\TRAVEL
2015-05-13 11:45 - 2014-06-17 11:06 - 00000000 ____D () C:\AdwCleaner
2015-05-13 11:38 - 2009-07-13 21:34 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-13 11:38 - 2009-07-13 21:34 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-13 11:01 - 2013-04-09 13:35 - 00000000 ___RD () C:\Users\Deni\Dropbox
2015-05-13 11:01 - 2013-04-09 13:34 - 00000000 ____D () C:\Users\Deni\AppData\Roaming\Dropbox
2015-05-13 10:59 - 2014-10-27 14:07 - 00005927 _____ () C:\Windows\setupact.log
2015-05-13 10:59 - 2009-07-13 21:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-13 10:58 - 2009-10-29 18:33 - 01480206 _____ () C:\Windows\PFRO.log
2015-05-13 10:50 - 2013-04-09 13:35 - 00001020 _____ () C:\Users\Deni\Desktop\Dropbox.lnk
2015-05-13 10:50 - 2013-04-09 13:34 - 00000000 ____D () C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-12 23:58 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\rescache
2015-05-12 23:55 - 2009-11-16 14:25 - 00000000 ____D () C:\Users\Deni
2015-05-12 23:15 - 2014-11-13 12:24 - 00002025 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2015-05-12 23:15 - 2014-11-13 12:24 - 00001965 _____ () C:\Users\Public\Desktop\Avast Internet Security.lnk
2015-05-12 23:15 - 2014-11-13 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-12 23:05 - 2015-03-25 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-12 23:05 - 2014-08-23 16:30 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-05-12 23:05 - 2012-06-23 09:56 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-12 23:05 - 2011-01-13 11:02 - 00000000 ____D () C:\Users\Guest
2015-05-12 23:05 - 2009-11-18 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IntelliMover
2015-05-12 23:05 - 2009-11-18 10:16 - 00000000 ____D () C:\Program Files\IntelliMover
2015-05-12 23:05 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-05-12 23:05 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-12 23:05 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\registration
2015-05-12 18:26 - 2014-09-05 10:24 - 00000000 ____D () C:\Users\Deni\AppData\Local\Adobe
2015-05-12 18:21 - 2006-07-31 08:31 - 00000171 _____ () C:\Users\Deni\default.pls
2015-05-12 16:03 - 2009-11-18 18:21 - 00000000 ____D () C:\Users\Deni\Documents\House and Garden SERVICES
2015-05-12 16:01 - 2006-06-21 13:58 - 00001198 _____ () C:\Users\Deni\Desktop\Wireless Network Info.txt
2015-05-12 12:41 - 2009-10-29 16:44 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2015-05-07 11:16 - 2010-09-27 12:04 - 00002091 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-27 10:33 - 2006-05-24 23:05 - 02302976 ___SH () C:\Users\Deni\Documents\Thumbs.db
2015-04-27 10:28 - 2012-12-19 21:15 - 00020670 _____ () C:\Users\Deni\Documents\Christmas Address List 2012 COMPLETE.xlsx
2015-04-26 17:23 - 2009-11-18 18:43 - 00000000 ____D () C:\Users\Deni\Documents\RECIPES
2015-04-25 11:33 - 2014-04-23 14:05 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-25 11:33 - 2014-01-07 12:25 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-25 11:33 - 2013-03-04 10:37 - 00209048 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-25 11:33 - 2013-03-04 10:37 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-25 11:33 - 2012-02-24 01:42 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-25 11:33 - 2012-01-19 08:30 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-25 11:33 - 2012-01-19 08:29 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-25 11:32 - 2012-02-24 01:42 - 00026096 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-04-25 11:32 - 2012-01-19 08:29 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-24 16:19 - 2015-04-08 11:41 - 00000000 ____D () C:\Users\Deni\AppData\Local\CrashDumps
2015-04-24 13:11 - 2010-09-27 12:04 - 00000000 ____D () C:\Users\Deni\AppData\Roaming\Skype

==================== Files in the root of some directories =======

2009-11-19 11:07 - 2009-11-19 11:07 - 0004632 _____ () C:\Program Files\0x0409.ini
2009-11-19 11:07 - 2009-11-19 11:07 - 0740864 _____ () C:\Program Files\1033.MST
2005-12-14 16:54 - 2001-03-15 09:58 - 1013507 _____ () C:\Program Files\ComedyCardStudioManual.pdf
2005-12-14 16:54 - 2003-03-31 23:13 - 0028125 ____N () C:\Program Files\Eula.txt
2009-11-19 11:07 - 2009-11-19 11:07 - 45639680 _____ () C:\Program Files\iPod for Windows 2006-06-28.msi
2009-01-09 23:52 - 2009-01-09 23:59 - 0000134 _____ () C:\Program Files\libmp3lame-win-3.98.2.zip
2002-01-26 01:36 - 2002-01-26 01:35 - 0002407 _____ () C:\Program Files\message3.txt
2005-12-14 16:54 - 2001-03-15 09:10 - 0011744 _____ () C:\Program Files\Original Copy of Eula.txt
2005-12-14 16:54 - 2001-03-16 11:17 - 0009493 _____ () C:\Program Files\Original Copy of readme.txt
2005-12-14 16:54 - 2003-03-31 23:12 - 0025178 ____N () C:\Program Files\readme.txt
2009-08-19 13:59 - 2009-08-19 13:59 - 0010066 _____ () C:\Program Files\taylormade rescue hybrid.jpg
2005-10-08 18:23 - 2005-10-08 18:23 - 0024406 _____ () C:\Program Files\Untitled.jpg
2010-04-21 12:32 - 2010-04-21 12:32 - 0000025 _____ () C:\Users\Deni\AppData\Roaming\bdfvconp.ini
2014-05-07 16:13 - 2014-05-07 16:13 - 0000035 _____ () C:\Users\Deni\AppData\Roaming\mbam.context.scan
2011-04-27 12:59 - 2011-04-27 13:13 - 0000077 _____ () C:\Users\Deni\AppData\Roaming\Rim.Desktop.Exception.log
2011-04-27 11:44 - 2011-04-27 11:44 - 0001147 _____ () C:\Users\Deni\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-05-12 18:47 - 2015-05-12 18:47 - 0000064 _____ () C:\Users\Deni\AppData\Local\9aff5a1a12d9faf30fb9a5b935a39c40
2014-07-25 12:46 - 2014-08-14 18:48 - 0159672 _____ () C:\Users\Deni\AppData\Local\ars.cache
2014-07-25 12:46 - 2014-08-14 18:48 - 0351087 _____ () C:\Users\Deni\AppData\Local\census.cache
2011-04-27 13:00 - 2011-04-27 13:00 - 0014848 _____ () C:\Users\Deni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2007-03-28 16:29 - 2007-03-28 16:29 - 0000127 _____ () C:\Users\Deni\AppData\Local\fusioncache.dat
2014-07-25 12:23 - 2014-07-25 12:23 - 0000036 _____ () C:\Users\Deni\AppData\Local\housecall.guid.cache
2012-03-27 14:40 - 2012-03-27 14:40 - 0000017 _____ () C:\Users\Deni\AppData\Local\resmon.resmoncfg
2014-07-25 12:37 - 2014-08-14 18:43 - 0000010 _____ () C:\Users\Deni\AppData\Local\sponge.last.runtime.cache
2011-07-23 16:36 - 2011-07-23 16:36 - 0000000 _____ () C:\Users\Deni\AppData\Local\{179C5815-782C-4F8F-88E5-D079AB43B531}
2010-09-27 12:05 - 2010-09-27 12:05 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-01-19 13:41 - 2009-01-19 13:41 - 0039705 _____ () C:\ProgramData\hprealign_log.txt
2009-11-18 12:20 - 2014-08-13 13:41 - 0063160 _____ () C:\ProgramData\hpzinstall.log
2009-11-18 12:20 - 2009-11-18 12:35 - 0001135 _____ () C:\ProgramData\Original Copy of hpzinstall.log
2014-11-24 16:35 - 2014-11-24 16:35 - 0000000 _____ () C:\ProgramData\PKP_DLec.DAT

Files to move or delete:
====================
C:\Users\Deni\SysInfo.exe

Some content of TEMP:
====================
C:\Users\Deni\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Deni\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzx06um.dll
C:\Users\Deni\AppData\Local\Temp\GLB1A2B.EXE
C:\Users\Deni\AppData\Local\Temp\HPInstaller.exe
C:\Users\Deni\AppData\Local\Temp\HPPSdr.exe
C:\Users\Deni\AppData\Local\Temp\install.exe
C:\Users\Deni\AppData\Local\Temp\lowproc.exe
C:\Users\Deni\AppData\Local\Temp\Quarantine.exe
C:\Users\Deni\AppData\Local\Temp\SonosUpgrader.exe
C:\Users\Deni\AppData\Local\Temp\sqlite3.dll
C:\Users\Deni\AppData\Local\Temp\stubhelper.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-12 23:48

==================== End Of Log ============================


----------



## JSntgRvr (Jul 1, 2003)

Please download the attached file and save it in the same directory as *FRST*.

Start *FRST* with Administrator privileges.
Press the *Fix* button.
When finished, a log file (*Fixlog.txt*) pops up and is saved to the same location the tool was run from.
Please copy and paste its contents in your next reply.


----------



## migolfergirl (Oct 17, 2006)

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 14-05-2015 01
Ran by Deni at 2015-05-14 12:23:50 Run:2
Running from C:\Users\Deni\Desktop
Loaded Profiles: Deni (Available profiles: Deni & Guest)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{00021401-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{03022430-ABC4-11D0-BDE2-00AA001A1953}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{2933BF90-7B36-11D2-B20E-00C04F983E60}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{4657278A-411B-11D2-839A-00C04FD918D0}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{4E77131D-3629-431C-9818-C5679DC83E81}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{BDEADF00-C265-11D0-BCED-00A0C90AB50F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{CFC399AF-D876-11D0-9C10-00C04FC99C8E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{D0A03AD0-F49C-4E01-9C1D-CA3B7B73B08E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{D3C25535-8D07-4A8E-B24F-B917CCD78A0F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FF4FF418-2C5B-455E-B4E6-B530FABF04AF}\InprocServer32 -> No File Path
Task: {AD59AF74-8CB1-4C46-8AC3-88FA20F20A86} - \Run RoboForm TaskBar Icon No Task File <==== ATTENTION
HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\Software\Classes\.exe: => <===== ATTENTION!
FirewallRules: [{B8F2EF62-0416-4331-9D0F-97908B6EAAB7}] => (Allow) LPort=4481
FirewallRules: [{4F5161AC-2FD3-4323-8929-CF2E385E5416}] => (Allow) LPort=4481
FirewallRules: [{E1928657-5FB4-43AB-BC90-2381801A10BB}] => (Allow) LPort=4482
FirewallRules: [{37D1C610-86E8-4BA4-9654-B93509304E45}] => (Allow) LPort=4482
FirewallRules: [{1FA9FA2C-0D8F-43CD-82C5-679CBB0C6BB2}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS100C\HPDiagnosticCoreUI.exe
FirewallRules: [{1563DC08-749D-4531-9348-C35819BFB1C4}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS100C\HPDiagnosticCoreUI.exe
FirewallRules: [{5D4FAD5E-3CC8-4DBF-BAD4-0A918ECAC27C}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS4C57\hppiw.exe
FirewallRules: [{B44AEC71-5856-4470-8BAA-09FDB9EA1215}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS4C57\hppiw.exe
FirewallRules: [{3DABE032-829B-4F81-862A-3433578B92A4}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS3FB2\hppiw.exe
FirewallRules: [{7F00DCDA-3B63-4D2A-8B0F-308BDFDD452B}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS3FB2\hppiw.exe
FirewallRules: [{65BE7EBA-B147-4A42-8702-88BC9048F0E4}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS2A8B\HPDiagnosticCoreUI.exe
FirewallRules: [{C46AF6BC-DDBA-43D4-AA71-D540B6C9197F}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS2A8B\HPDiagnosticCoreUI.exe
FirewallRules: [{906DD7A1-E9C6-49E2-92BF-69BFE8AA8C7D}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS358A\hppiw.exe
FirewallRules: [{94967643-C0A7-4364-B585-866382B7B227}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS358A\hppiw.exe
FirewallRules: [{71B6158E-E738-47E8-93B2-5CED324B24A1}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS3216\HPDiagnosticCoreUI.exe
FirewallRules: [{0E3F0B29-A969-4937-BB31-093474C88006}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS3216\HPDiagnosticCoreUI.exe
FirewallRules: [{72A56E8E-9B08-44F8-906E-9557AEFDADF4}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS2DF3\HPDiagnosticCoreUI.exe
FirewallRules: [{C5681341-4FC2-472D-83D1-7FDC90133904}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS2DF3\HPDiagnosticCoreUI.exe
FirewallRules: [{50F91064-B456-4E90-B80B-2ABF2BD296B5}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS338D\HPDiagnosticCoreUI.exe
FirewallRules: [{9E66DFCE-ED53-40A0-AEA6-75629A25A04D}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS338D\HPDiagnosticCoreUI.exe
FirewallRules: [{2CFC08B8-9DB0-4D12-897D-C9D5104AD12F}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS33CB\HPDiagnosticCoreUI.exe
FirewallRules: [{2CC28ADE-F78F-41DB-9A8A-7AE6995125CF}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS33CB\HPDiagnosticCoreUI.exe
FirewallRules: [{6F092720-1784-4BF8-8479-B5EE7C9B5C55}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS3AC8\hppiw.exe
FirewallRules: [{8C26FB33-4F55-40A6-8F75-EBB3FF23859A}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS3AC8\hppiw.exe
FirewallRules: [{43878482-0FC2-4F25-AB93-6C363753B64C}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS6708\hppiw.exe
FirewallRules: [{F294645E-CC89-45C0-99B1-A3A73417691F}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS6708\hppiw.exe
FirewallRules: [{D32AE993-771E-4DE5-8C07-50D435659B7D}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS68AE\HPDiagnosticCoreUI.exe
FirewallRules: [{7FB476CC-1FEA-43E7-B808-DB057CE5C61C}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS68AE\HPDiagnosticCoreUI.exe
FirewallRules: [{69C12F37-64B9-47FA-92E8-E5AC67E84ED5}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS68DB\HPDiagnosticCoreUI.exe
FirewallRules: [{BAA78B8A-98E7-4242-B03E-5B8BAF47E932}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS68DB\HPDiagnosticCoreUI.exe
FirewallRules: [{53C5698E-ACBB-45F5-9543-42F9D9698207}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS061E\hppiw.exe
FirewallRules: [{8F8B28DC-9A4D-4AC0-8921-F07E4BDF2C2E}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS061E\hppiw.exe
FirewallRules: [{088C5DC4-B629-47AA-9A17-54741F0D7408}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS30B2\HPDiagnosticCoreUI.exe
FirewallRules: [{5530BA87-390C-4323-B8AA-E3F2A3C2D8E5}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS30B2\HPDiagnosticCoreUI.exe
FirewallRules: [{647831B8-8FF7-42E3-839E-9F9ACF8B6064}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS0902\hppiw.exe
FirewallRules: [{FF443AFE-1601-4544-8F59-7F5A5CA1F526}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS0902\hppiw.exe
FirewallRules: [{E29201C7-04F4-4BAF-8BED-96B808ED7F22}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS5D8A\hppiw.exe
FirewallRules: [{2021DF06-4DCB-4C9F-A9A2-4FE4AABB9EC6}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS5D8A\hppiw.exe
FirewallRules: [{29C53643-E3FB-451D-BFD2-D97F36419BB6}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS6319\HPDiagnosticCoreUI.exe
FirewallRules: [{2C189A71-8804-4E76-8C2D-8D24F9959F1B}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS6319\HPDiagnosticCoreUI.exe
FirewallRules: [{1823C72E-7FEA-4299-B534-75B47DFCAB3B}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS66D3\HPDiagnosticCoreUI.exe
FirewallRules: [{4BB07C17-3DBE-439C-B242-1A410D6B953B}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS66D3\HPDiagnosticCoreUI.exe
FirewallRules: [{1D4E0BAF-38A7-43A4-B6C5-3FAE27FA5F9F}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{89A75790-A8C5-42FE-91D4-CBC222982CC4}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A54EF524-843E-4426-92CB-C18522C4E0BC}] => (Allow) LPort=2869
FirewallRules: [{9A6131CC-843F-4FDB-BDFA-01FB54627A8D}] => (Allow) LPort=1900
FirewallRules: [{188B9D9C-16BB-4A8E-A914-20C8D494BAAD}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS0B78\HPDiagnosticCoreUI.exe
FirewallRules: [{A5AF31A4-6DE8-41C9-B3B8-8430CE764E47}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS0B78\HPDiagnosticCoreUI.exe
FirewallRules: [{55F23509-2C33-47D8-8A01-CFD9032BA5F4}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS0BD0\HPDiagnosticCoreUI.exe
FirewallRules: [{3DFFC030-565B-4D57-81CD-330584933372}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS0BD0\HPDiagnosticCoreUI.exe
FirewallRules: [{E19C252C-5D32-4523-B2FF-3339CDFA8F5F}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS5D26\HPDiagnosticCoreUI.exe
FirewallRules: [{E55529B6-EC64-4B69-8C70-A54B6DCF567E}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS5D26\HPDiagnosticCoreUI.exe
FirewallRules: [{2CDC84D6-24E9-4D97-9F64-80A81F018FA6}] => (Allow) C:\Users\Deni\AppData\Local\Temp\nsn3FEF.tmp\CnetInstaller-76037274.exe
FirewallRules: [{A6E07F7E-E2E3-4E4D-B3EC-8D0EF56C166A}] => (Allow) C:\Users\Deni\AppData\Local\Temp\nsn3FEF.tmp\CnetInstaller-76037274.exe
FirewallRules: [{E93C9CC1-5269-44F1-8C18-87695BB4FD2A}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS50FC\HPDiagnosticCoreUI.exe
FirewallRules: [{F7BA8AC1-E69F-4D4F-840E-9E494E560E72}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS50FC\HPDiagnosticCoreUI.exe
FirewallRules: [{DF0BCC57-5CF8-45FC-9A24-0C97FCD66974}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS12FD\HPDiagnosticCoreUI.exe
FirewallRules: [{04BFE2CB-8B62-4287-A93C-D9B6129088A3}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS12FD\HPDiagnosticCoreUI.exe
FirewallRules: [{7374A8A8-A9B8-4D13-A0E3-2CA3BF4743CF}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS1335\HPDiagnosticCoreUI.exe
FirewallRules: [{CE9CD310-DF05-4C05-B8FD-23CE3845A496}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS1335\HPDiagnosticCoreUI.exe
FirewallRules: [{FC833148-B9BA-4823-BED5-1D46D6B868B4}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS0EDC\HPDiagnosticCoreUI.exe
FirewallRules: [{9A8B53BA-C360-4591-B5BA-127DA01C9CA1}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS0EDC\HPDiagnosticCoreUI.exe
FirewallRules: [{436616E4-3B0F-40E1-9A80-8E509F35D13C}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS734D\HPDiagnosticCoreUI.exe
FirewallRules: [{406394B5-F72F-4B06-ABA5-BBCC830561C7}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS734D\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{974700B7-1677-4DE5-B4CF-443910D2F37C}C:\users\deni\appdata\local\temp\7zs734d\hpdiagnosticcoreui.ex e] => (Allow) C:\users\deni\appdata\local\temp\7zs734d\hpdiagnosticcoreui.exe
FirewallRules: [UDP Query User{0A8946B8-E4DE-41F5-83E2-355B7F040C0E}C:\users\deni\appdata\local\temp\7zs734d\hpdiagnosticcoreui.ex e] => (Allow) C:\users\deni\appdata\local\temp\7zs734d\hpdiagnosticcoreui.exe
FirewallRules: [{36119141-BCBF-4948-859B-200ABEDBFA2E}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS619D\HPDiagnosticCoreUI.exe
FirewallRules: [{9A2FB5C7-B63F-4214-8CCC-5C5072429FC5}] => (Allow) C:\Users\Deni\AppData\Local\Temp\7zS619D\HPDiagnosticCoreUI.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Users\Deni\SysInfo.exe
C:\Users\Deni\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Deni\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzx06um.dll
C:\Users\Deni\AppData\Local\Temp\GLB1A2B.EXE
C:\Users\Deni\AppData\Local\Temp\HPInstaller.exe
C:\Users\Deni\AppData\Local\Temp\HPPSdr.exe
C:\Users\Deni\AppData\Local\Temp\install.exe
C:\Users\Deni\AppData\Local\Temp\lowproc.exe
C:\Users\Deni\AppData\Local\Temp\Quarantine.exe
C:\Users\Deni\AppData\Local\Temp\SonosUpgrader.exe
C:\Users\Deni\AppData\Local\Temp\sqlite3.dll
C:\Users\Deni\AppData\Local\Temp\stubhelper.dll
HKU\S-1-5-21-4289309018-589893681-2597226705-1000\...\Winlogon: [Shell] - <==== ATTENTION 
C:\Windows\System32\Tasks\ProPCCleaner_Popup
C:\Windows\System32\Tasks\ProPCCleaner_Start
C:\Users\deni\AppData\Local\Pro_PC_Cleaner
C:\Users\deni\Downloads\Setup(1).exe
C:\Users\deni\Documents\ProPCCleaner
C:\Users\deni\Downloads\Setup.exe
Task: {33DBC4FE-DBA9-481F-BB68-BF12C6E5B5F2} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe <==== ATTENTION
Task: {4B6E0074-A2D3-480C-AB2C-4543DC3C9302} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION
HKU\S-1-5-21-4289309018-589893681-2597226705-1000\Software\Classes\.exe: => <===== ATTENTION!
HKU\S-1-5-21-4289309018-589893681-2597226705-1000\...\Winlogon: [Shell] - <==== ATTENTION 
C:\Users\deni\AppData\Local\287820c506664610beee1f1c94e948a2
C:\Users\deni\AppData\Local\Temp\0021401431482480mcinst.exe
C:\Users\deni\AppData\Local\Temp\ose00000.exe
C:\Users\deni\AppData\Local\Temp\Quarantine.exe
C:\Users\deni\AppData\Local\Temp\SpOrder.dll
C:\Users\deni\AppData\Local\Temp\sqlite3.dll
HKU\S-1-5-21-4289309018-589893681-2597226705-1000\Software\Classes\.exe: => <===== ATTENTION!
EmptyTemp:

*****************

"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{00021401-0000-0000-C000-000000000046}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{03022430-ABC4-11D0-BDE2-00AA001A1953}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{2933BF90-7B36-11D2-B20E-00C04F983E60}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{4657278A-411B-11D2-839A-00C04FD918D0}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{4E77131D-3629-431C-9818-C5679DC83E81}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{BDEADF00-C265-11D0-BCED-00A0C90AB50F}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{CFC399AF-D876-11D0-9C10-00C04FC99C8E}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{D0A03AD0-F49C-4E01-9C1D-CA3B7B73B08E}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{D3C25535-8D07-4A8E-B24F-B917CCD78A0F}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FF4FF418-2C5B-455E-B4E6-B530FABF04AF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AD59AF74-8CB1-4C46-8AC3-88FA20F20A86}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD59AF74-8CB1-4C46-8AC3-88FA20F20A86}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Run RoboForm TaskBar Icon" => Key deleted successfully.
"HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\Software\Classes\.exe" => Key deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B8F2EF62-0416-4331-9D0F-97908B6EAAB7} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4F5161AC-2FD3-4323-8929-CF2E385E5416} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E1928657-5FB4-43AB-BC90-2381801A10BB} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{37D1C610-86E8-4BA4-9654-B93509304E45} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1FA9FA2C-0D8F-43CD-82C5-679CBB0C6BB2} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1563DC08-749D-4531-9348-C35819BFB1C4} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5D4FAD5E-3CC8-4DBF-BAD4-0A918ECAC27C} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B44AEC71-5856-4470-8BAA-09FDB9EA1215} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3DABE032-829B-4F81-862A-3433578B92A4} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7F00DCDA-3B63-4D2A-8B0F-308BDFDD452B} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{65BE7EBA-B147-4A42-8702-88BC9048F0E4} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C46AF6BC-DDBA-43D4-AA71-D540B6C9197F} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{906DD7A1-E9C6-49E2-92BF-69BFE8AA8C7D} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{94967643-C0A7-4364-B585-866382B7B227} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{71B6158E-E738-47E8-93B2-5CED324B24A1} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0E3F0B29-A969-4937-BB31-093474C88006} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{72A56E8E-9B08-44F8-906E-9557AEFDADF4} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C5681341-4FC2-472D-83D1-7FDC90133904} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{50F91064-B456-4E90-B80B-2ABF2BD296B5} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9E66DFCE-ED53-40A0-AEA6-75629A25A04D} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2CFC08B8-9DB0-4D12-897D-C9D5104AD12F} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2CC28ADE-F78F-41DB-9A8A-7AE6995125CF} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6F092720-1784-4BF8-8479-B5EE7C9B5C55} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C26FB33-4F55-40A6-8F75-EBB3FF23859A} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{43878482-0FC2-4F25-AB93-6C363753B64C} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F294645E-CC89-45C0-99B1-A3A73417691F} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D32AE993-771E-4DE5-8C07-50D435659B7D} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7FB476CC-1FEA-43E7-B808-DB057CE5C61C} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{69C12F37-64B9-47FA-92E8-E5AC67E84ED5} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BAA78B8A-98E7-4242-B03E-5B8BAF47E932} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{53C5698E-ACBB-45F5-9543-42F9D9698207} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8F8B28DC-9A4D-4AC0-8921-F07E4BDF2C2E} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{088C5DC4-B629-47AA-9A17-54741F0D7408} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5530BA87-390C-4323-B8AA-E3F2A3C2D8E5} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{647831B8-8FF7-42E3-839E-9F9ACF8B6064} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FF443AFE-1601-4544-8F59-7F5A5CA1F526} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E29201C7-04F4-4BAF-8BED-96B808ED7F22} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2021DF06-4DCB-4C9F-A9A2-4FE4AABB9EC6} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{29C53643-E3FB-451D-BFD2-D97F36419BB6} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2C189A71-8804-4E76-8C2D-8D24F9959F1B} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1823C72E-7FEA-4299-B534-75B47DFCAB3B} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4BB07C17-3DBE-439C-B242-1A410D6B953B} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1D4E0BAF-38A7-43A4-B6C5-3FAE27FA5F9F} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{89A75790-A8C5-42FE-91D4-CBC222982CC4} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A54EF524-843E-4426-92CB-C18522C4E0BC} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9A6131CC-843F-4FDB-BDFA-01FB54627A8D} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{188B9D9C-16BB-4A8E-A914-20C8D494BAAD} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A5AF31A4-6DE8-41C9-B3B8-8430CE764E47} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{55F23509-2C33-47D8-8A01-CFD9032BA5F4} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3DFFC030-565B-4D57-81CD-330584933372} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E19C252C-5D32-4523-B2FF-3339CDFA8F5F} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E55529B6-EC64-4B69-8C70-A54B6DCF567E} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2CDC84D6-24E9-4D97-9F64-80A81F018FA6} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A6E07F7E-E2E3-4E4D-B3EC-8D0EF56C166A} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E93C9CC1-5269-44F1-8C18-87695BB4FD2A} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F7BA8AC1-E69F-4D4F-840E-9E494E560E72} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DF0BCC57-5CF8-45FC-9A24-0C97FCD66974} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04BFE2CB-8B62-4287-A93C-D9B6129088A3} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7374A8A8-A9B8-4D13-A0E3-2CA3BF4743CF} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CE9CD310-DF05-4C05-B8FD-23CE3845A496} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FC833148-B9BA-4823-BED5-1D46D6B868B4} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9A8B53BA-C360-4591-B5BA-127DA01C9CA1} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{436616E4-3B0F-40E1-9A80-8E509F35D13C} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{406394B5-F72F-4B06-ABA5-BBCC830561C7} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{974700B7-1677-4DE5-B4CF-443910D2F37C}C:\users\deni\appdata\local\temp\7zs734d\hpdiagnosticcoreui.ex e => Value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0A8946B8-E4DE-41F5-83E2-355B7F040C0E}C:\users\deni\appdata\local\temp\7zs734d\hpdiagnosticcoreui.ex e => Value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{36119141-BCBF-4948-859B-200ABEDBFA2E} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9A2FB5C7-B63F-4214-8CCC-5C5072429FC5} => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
C:\Users\Deni\SysInfo.exe => Moved successfully.
C:\Users\Deni\AppData\Local\Temp\dllnt_dump.dll => Moved successfully.
C:\Users\Deni\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzx06um.dll => Moved successfully.
C:\Users\Deni\AppData\Local\Temp\GLB1A2B.EXE => Moved successfully.
C:\Users\Deni\AppData\Local\Temp\HPInstaller.exe => Moved successfully.
C:\Users\Deni\AppData\Local\Temp\HPPSdr.exe => Moved successfully.
C:\Users\Deni\AppData\Local\Temp\install.exe => Moved successfully.
C:\Users\Deni\AppData\Local\Temp\lowproc.exe => Moved successfully.
C:\Users\Deni\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Deni\AppData\Local\Temp\SonosUpgrader.exe => Moved successfully.
C:\Users\Deni\AppData\Local\Temp\sqlite3.dll => Moved successfully.
C:\Users\Deni\AppData\Local\Temp\stubhelper.dll => Moved successfully.
HKU\S-1-5-21-4289309018-589893681-2597226705-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value not found.
"C:\Windows\System32\Tasks\ProPCCleaner_Popup" => File/Directory not found.
"C:\Windows\System32\Tasks\ProPCCleaner_Start" => File/Directory not found.
"C:\Users\deni\AppData\Local\Pro_PC_Cleaner" => File/Directory not found.
"C:\Users\deni\Downloads\Setup(1).exe" => File/Directory not found.
"C:\Users\deni\Documents\ProPCCleaner" => File/Directory not found.
"C:\Users\deni\Downloads\Setup.exe" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33DBC4FE-DBA9-481F-BB68-BF12C6E5B5F2} => Key not found. 
C:\Windows\System32\Tasks\ProPCCleaner_Popup not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProPCCleaner_Popup => Key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B6E0074-A2D3-480C-AB2C-4543DC3C9302} => Key not found. 
C:\Windows\System32\Tasks\ProPCCleaner_Start not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProPCCleaner_Start => Key not found. 
HKU\S-1-5-21-4289309018-589893681-2597226705-1000\Software\Classes\.exe => Key not found. 
HKU\S-1-5-21-4289309018-589893681-2597226705-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value not found.
"C:\Users\deni\AppData\Local\287820c506664610beee1f1c94e948a2" => File/Directory not found.
"C:\Users\deni\AppData\Local\Temp\0021401431482480mcinst.exe" => File/Directory not found.
"C:\Users\deni\AppData\Local\Temp\ose00000.exe" => File/Directory not found.
"C:\Users\deni\AppData\Local\Temp\Quarantine.exe" => File/Directory not found.
"C:\Users\deni\AppData\Local\Temp\SpOrder.dll" => File/Directory not found.
"C:\Users\deni\AppData\Local\Temp\sqlite3.dll" => File/Directory not found.
HKU\S-1-5-21-4289309018-589893681-2597226705-1000\Software\Classes\.exe => Key not found. 
EmptyTemp: => Removed 3.1 GB temporary data.

The system needed a reboot.

==== End of Fixlog 12:29:13 ====

J, if this machine is clean, would you take a quick look at the new one? The only thing it has running, besides the MS OS, are a few programs I loaded onto it. It has Office, and several printing apps.

Let me know. THANK YOU!!!


----------



## JSntgRvr (Jul 1, 2003)

Let finish with this one first. How does this one doing?


----------



## migolfergirl (Oct 17, 2006)

It's running SO much better. Just some weird black boxes that flash on the screen at startup.


----------



## JSntgRvr (Jul 1, 2003)

MSDOS Boxes? Are you able to take a screen shot of one?


You can do this by pressing the *PrintScreen* key.
Then search > Paint
In Paint, go up to *Edit > Paste*
Then Go up to *File > Save As*. Click the drop-down box to change the *"Save As Type"* to *"JPEG"*, name it what you want, and save it on the desktop.
Then click *Reply* in this topic.
Scroll down to manage attachments
Click the *Choose Browse* button. 
Locate the file you just saved, click on it, then click *Open*, then *Upload.*
Add a Reply

We need to remove the tools we've used during cleaning your machine


Download Delfix from *here*
Ensure *Remove disinfection tools* is ticked
*Also tick:
*
Create registry backup
Purge system restore










Click *Run*
The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply

================================================================

On the other computer:

Please download Farbar Recovery Scan Tool and save it to your desktop.

*Note*: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Double-click to run it. When the tool opens click *Yes* to disclaimer.
Make sure that under *Optional Scans*, there is a checkmark on Addition.txt.
Press *Scan* button.
It will make a log (*FRST.txt*) in the same directory the tool is run. Please copy and paste it to your reply.
The tool will also produce another log (*Addition.txt *). Please attach this to your reply.


----------



## migolfergirl (Oct 17, 2006)

No, the black boxes just flash on the screen. Not there long enough to capture a screen shot.


----------



## JSntgRvr (Jul 1, 2003)

I don't see where that may come from in the logs.

Run *Delfix* on that one and *FRST* on the other as suggested above.


----------



## migolfergirl (Oct 17, 2006)

NEW MACHINE:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2015 02
Ran by deni (administrator) on DENI-PC on 15-05-2015 15:27:03
Running from C:\Users\deni\Downloads
Loaded Profiles: deni (Available profiles: deni)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dell) C:\Program Files\Dell\Click 2 Fix+\srvc.exe
(Dell) C:\Program Files\Dell\Click 2 Fix+\cust.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(TODO: <Company name>) C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2008 Deluxe\Planner\PLNRnote.exe
() C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Creative Home) C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2015 Deluxe\Planner\PLNRnote.exe
(Microsoft® Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Works Shared\wkcalrem.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft® Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Works Shared\WksCal.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Dell) C:\Program Files\Dell\Dell Data Services\DDSSvc.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWXConfigManager.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\Temp\99FDC589-59C5-431E-BCE7-1054BCB0BB0B\DismHost.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-05-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-02-05] (Intel Corporation)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [8925184 2014-12-22] (Dell Inc.)
HKLM\...\Run: [DellCApp] => C:\Program Files\Dell\Click 2 Fix+\capp.exe -l
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-11-10] (McAfee, Inc.)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-01] ()
HKLM-x32\...\Run: [AddressBookReminderApp] => C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2015 Deluxe\ReminderApp.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-13] (Avast Software s.r.o.)
HKU\S-1-5-21-4289309018-589893681-2597226705-1000\...\MountPoints2: {abb91e48-89d6-11e4-a252-806e6f6e6963} - D:\SETUP.EXE AUTORUN=1
HKU\S-1-5-21-4289309018-589893681-2597226705-1000\...\Winlogon: [Shell] - <==== ATTENTION 
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-12-22]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Planner Reminder 2008.lnk [2015-05-12]
ShortcutTarget: Event Planner Reminder 2008.lnk -> C:\Windows\Installer\{747A6A10-DA58-48C2-A1F0-C15514419C8A}\Shortcut_EventPlan_5D0DF1BBD82E4FB2B98E4FDE42EF7EBB.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Planner Reminder.lnk [2015-05-12]
ShortcutTarget: Event Planner Reminder.lnk -> C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2015 Deluxe\Planner\PLNRnote.exe (Creative Home)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk [2015-05-12]
ShortcutTarget: Microsoft Works Calendar Reminders.lnk -> C:\Windows\Installer\{5264E937-B015-11D2-8C0E-00C04FBBCFF9}\A12970B7.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-13] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4289309018-589893681-2597226705-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-4289309018-589893681-2597226705-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4289309018-589893681-2597226705-1000 -> DefaultScope {D087D92A-D0AF-48A3-A070-F01B1BDAFF36} URL = 
SearchScopes: HKU\S-1-5-21-4289309018-589893681-2597226705-1000 -> {D087D92A-D0AF-48A3-A070-F01B1BDAFF36} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-13] (Avast Software s.r.o.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-13] (Avast Software s.r.o.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2013-11-10] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2013-11-10] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\deni\AppData\Roaming\Mozilla\Firefox\Profiles\cnn9kzj6.default
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2013-11-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2013-11-10] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-13] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4289309018-589893681-2597226705-1000: @citrixonline.com/appdetectorplugin -> C:\Users\deni\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-12] (Citrix Online)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-13]

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-13]
CHR Extension: (Google Docs) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-13]
CHR Extension: (Google Drive) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-13]
CHR Extension: (YouTube) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-13]
CHR Extension: (Google Search) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-13]
CHR Extension: (Google Sheets) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-13]
CHR Extension: (Avast Online Security) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-13]
CHR Extension: (Gmail) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-13] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-13] (Avast Software)
R2 Dell Click 2 Fix+; C:\Program Files\Dell\Click 2 Fix+\srvc.exe [105792 2015-03-27] (Dell)
R2 Dell Data Services; C:\Program Files\Dell\Dell Data Services\DDSSvc.exe [45936 2014-11-13] (Dell)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [75120 2015-03-04] (Dell)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [341288 2013-11-05] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-02-05] (Intel Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-01-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-11-10] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [333584 2013-09-26] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [341288 2013-11-05] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601920 2013-12-03] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [341288 2013-11-05] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [341288 2013-11-05] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [341288 2013-11-05] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-12-10] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-03-17] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [185792 2014-03-17] (McAfee, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [224840 2013-05-10] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1921768 2014-07-02] (SoftThinks SAS)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-12-22] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6178304 2014-12-22] (Dell Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-13] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-13] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-13] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-13] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-13] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-13] ()
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [172760 2014-12-22] (Broadcom Corporation.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-03-17] (McAfee, Inc.)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28656 2013-01-15] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-03-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-03-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-03-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-03-17] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [411944 2013-11-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [345456 2014-03-17] (McAfee, Inc.)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2015-05-12] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-13] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-15 15:28 - 2015-05-15 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-05-15 15:26 - 2015-05-15 15:26 - 00001433 _____ () C:\Users\deni\Desktop\FRST64 - Shortcut.lnk
2015-05-15 15:25 - 2015-05-15 15:26 - 02106368 _____ (Farbar) C:\Users\deni\Downloads\FRST64.exe
2015-05-14 04:27 - 2015-05-14 04:32 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-14 04:27 - 2015-05-14 04:27 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-14 04:27 - 2015-05-14 04:27 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-05-14 04:27 - 2015-05-14 04:27 - 00000000 ____D () C:\Windows\system32\appraiser
2015-05-14 04:09 - 2015-01-08 16:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-05-14 04:09 - 2015-01-08 16:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-05-14 03:25 - 2015-05-14 03:27 - 00445078 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2015-05-14 03:14 - 2012-07-25 20:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-05-14 03:14 - 2012-07-25 20:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-05-14 03:14 - 2012-07-25 20:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-05-14 03:14 - 2012-07-25 20:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-05-14 03:14 - 2012-07-25 20:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-05-14 03:14 - 2012-07-25 19:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-05-14 03:14 - 2012-07-25 19:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-05-14 03:14 - 2012-06-02 07:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-05-14 03:09 - 2015-05-01 06:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 03:09 - 2015-05-01 06:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 03:06 - 2014-06-26 19:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-05-14 03:06 - 2014-06-26 18:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-05-14 03:04 - 2015-05-14 03:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2015-05-14 03:04 - 2015-05-14 03:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2015-05-14 03:00 - 2014-06-30 15:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-05-14 03:00 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-05-14 03:00 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-05-14 03:00 - 2014-06-05 23:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-05-14 03:00 - 2014-03-09 14:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-05-14 03:00 - 2014-03-09 14:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-05-14 03:00 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-05-14 03:00 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-05-13 17:35 - 2015-05-13 17:35 - 00001924 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-05-13 17:35 - 2015-05-13 17:35 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-05-13 17:35 - 2015-05-13 17:35 - 00000000 ____D () C:\Windows\system32\vbox
2015-05-13 17:35 - 2015-05-13 17:35 - 00000000 ____D () C:\Users\deni\AppData\Roaming\AVAST Software
2015-05-13 17:35 - 2015-05-13 17:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-13 17:34 - 2015-05-15 14:44 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-13 17:34 - 2015-05-13 17:39 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-13 17:34 - 2015-05-13 17:39 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-13 17:34 - 2015-05-13 17:39 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-13 17:34 - 2015-05-13 17:35 - 00000000 ____D () C:\Users\deni\AppData\Local\Google
2015-05-13 17:34 - 2015-05-13 17:34 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-13 17:34 - 2015-05-13 17:34 - 00002257 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-13 17:34 - 2015-05-13 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-13 17:34 - 2015-05-13 17:34 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-13 17:34 - 2015-05-13 17:33 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-13 17:34 - 2015-05-13 17:33 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-13 17:34 - 2015-05-13 17:33 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-13 17:34 - 2015-05-13 17:33 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-13 17:34 - 2015-05-13 17:33 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-13 17:34 - 2015-05-13 17:33 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-13 17:34 - 2015-05-13 17:33 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-13 17:34 - 2015-05-13 17:33 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-13 17:34 - 2015-05-13 17:33 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-13 17:33 - 2015-05-13 17:33 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-13 17:33 - 2015-05-13 17:33 - 00000000 ____D () C:\Program Files\AVAST Software
2015-05-13 17:32 - 2015-05-13 17:32 - 05473032 _____ (Avast Software s.r.o.) C:\Users\deni\Downloads\avast_free_antivirus_setup_online.exe
2015-05-13 17:32 - 2015-05-13 17:32 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-13 17:29 - 2015-05-13 17:29 - 00001711 _____ () C:\Users\deni\Downloads\license(1).avastlic
2015-05-13 17:13 - 2015-05-13 17:13 - 00001711 _____ () C:\Users\deni\Downloads\license.avastlic
2015-05-13 13:23 - 2015-05-13 13:23 - 00000000 ____D () C:\Users\deni\AppData\Local\NovaRegister
2015-05-13 13:21 - 2015-05-13 13:21 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-05-13 03:16 - 2015-05-04 18:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 03:16 - 2015-05-04 18:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 03:16 - 2015-04-21 19:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 03:16 - 2015-04-21 18:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 03:16 - 2015-04-21 10:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 03:16 - 2015-04-21 10:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 03:16 - 2015-04-21 10:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 03:16 - 2015-04-21 09:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 03:16 - 2015-04-21 09:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 03:16 - 2015-04-21 09:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 03:16 - 2015-04-21 09:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 03:16 - 2015-04-21 09:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 03:16 - 2015-04-21 09:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 03:16 - 2015-04-21 09:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 03:16 - 2015-04-21 09:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 03:16 - 2015-04-21 09:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 03:16 - 2015-04-21 09:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 03:16 - 2015-04-21 09:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 03:16 - 2015-04-21 09:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 03:16 - 2015-04-21 09:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 03:16 - 2015-04-21 09:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 03:16 - 2015-04-21 09:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 03:16 - 2015-04-21 09:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 03:16 - 2015-04-21 09:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 03:16 - 2015-04-21 09:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 03:16 - 2015-04-21 09:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 03:16 - 2015-04-21 09:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 03:16 - 2015-04-21 09:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 03:16 - 2015-04-21 09:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 03:16 - 2015-04-21 09:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 03:16 - 2015-04-21 09:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 03:16 - 2015-04-21 09:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 03:16 - 2015-04-21 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 03:16 - 2015-04-21 09:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 03:16 - 2015-04-21 09:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 03:16 - 2015-04-21 09:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 03:16 - 2015-04-21 09:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 03:16 - 2015-04-21 09:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 03:16 - 2015-04-21 08:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 03:16 - 2015-04-21 08:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 03:16 - 2015-04-21 08:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 03:16 - 2015-04-21 08:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 03:16 - 2015-04-21 08:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 03:16 - 2015-04-21 08:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 03:16 - 2015-04-21 08:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 03:16 - 2015-04-21 08:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 03:16 - 2015-04-21 08:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 03:16 - 2015-04-21 08:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 03:16 - 2015-04-21 08:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 03:16 - 2015-04-21 08:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 03:16 - 2015-04-21 08:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 03:16 - 2015-04-21 08:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 03:16 - 2015-04-21 08:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 03:16 - 2015-04-21 08:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 03:16 - 2015-04-21 08:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 03:16 - 2015-04-21 08:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 03:16 - 2015-04-21 08:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 03:16 - 2015-04-21 08:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 03:16 - 2015-04-21 08:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 03:16 - 2015-04-21 08:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 03:16 - 2015-04-21 07:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 03:16 - 2015-04-21 07:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 03:16 - 2015-04-17 20:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 03:16 - 2015-04-17 19:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 03:16 - 2015-04-12 20:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 03:16 - 2015-01-08 20:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-05-13 03:16 - 2015-01-08 20:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-05-13 03:16 - 2015-01-08 20:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-05-13 03:16 - 2015-01-08 19:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-05-13 03:16 - 2014-12-11 10:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-05-13 03:15 - 2015-04-27 12:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 03:15 - 2015-04-27 12:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 03:15 - 2015-04-27 12:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 03:15 - 2015-04-27 12:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 03:15 - 2015-04-27 12:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 03:15 - 2015-04-27 12:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 03:15 - 2015-04-27 12:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 03:15 - 2015-04-27 12:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 03:15 - 2015-04-27 12:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 03:15 - 2015-04-27 12:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 03:15 - 2015-04-27 12:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 03:15 - 2015-04-27 12:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 03:15 - 2015-04-27 12:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 03:15 - 2015-04-27 12:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 03:15 - 2015-04-27 12:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 03:15 - 2015-04-27 12:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 03:15 - 2015-04-27 12:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 03:15 - 2015-04-27 12:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 03:15 - 2015-04-27 12:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 03:15 - 2015-04-27 12:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 03:15 - 2015-04-27 12:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 03:15 - 2015-04-27 12:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 03:15 - 2015-04-27 12:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 03:15 - 2015-04-27 12:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 03:15 - 2015-04-27 12:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 03:15 - 2015-04-27 12:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 03:15 - 2015-04-27 10:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 03:15 - 2015-04-27 10:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 03:15 - 2015-04-27 10:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 10:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 10:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 03:15 - 2015-04-19 20:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 03:15 - 2015-04-19 20:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 03:15 - 2015-04-19 19:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 03:15 - 2015-04-19 19:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 03:15 - 2015-02-19 21:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-05-13 03:15 - 2015-02-19 21:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-05-13 03:15 - 2015-02-19 21:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-05-13 03:15 - 2015-02-19 21:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-05-13 03:15 - 2015-02-19 21:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-05-13 03:15 - 2015-02-19 21:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-05-13 03:15 - 2015-02-19 21:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-05-13 03:15 - 2015-02-19 21:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-05-13 03:15 - 2015-02-19 20:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-05-13 03:15 - 2015-02-19 20:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-05-13 03:15 - 2015-02-02 20:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-05-13 03:15 - 2015-02-02 20:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-05-13 03:15 - 2015-02-02 20:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-05-13 03:15 - 2015-02-02 20:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-05-13 03:15 - 2015-02-02 20:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-05-13 03:15 - 2015-02-02 20:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-05-13 03:15 - 2015-02-02 20:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-05-13 03:15 - 2015-02-02 20:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-05-13 03:15 - 2015-02-02 20:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-05-13 03:15 - 2015-02-02 20:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-05-13 03:15 - 2015-02-02 20:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-05-13 03:15 - 2015-02-02 20:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-05-13 03:15 - 2015-02-02 20:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-05-13 03:15 - 2015-02-02 20:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-05-13 03:15 - 2015-02-02 20:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-05-13 03:15 - 2015-02-02 20:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-05-13 03:15 - 2015-02-02 20:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-05-13 03:15 - 2015-02-02 20:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-05-13 03:15 - 2015-02-02 20:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-05-13 03:15 - 2015-02-02 20:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-05-13 03:15 - 2015-02-02 20:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-05-13 03:15 - 2015-02-02 19:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-05-13 03:15 - 2014-12-18 20:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-05-13 03:15 - 2014-10-31 15:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-05-13 03:15 - 2014-08-01 04:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-05-13 03:15 - 2014-08-01 04:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-05-13 03:15 - 2014-06-27 17:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-05-13 03:15 - 2014-06-27 17:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-05-13 03:15 - 2014-06-18 15:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-05-13 03:15 - 2014-06-18 15:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-05-13 03:15 - 2014-06-18 15:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-05-13 03:15 - 2014-06-18 15:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-05-13 03:15 - 2014-06-18 15:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-05-13 03:15 - 2014-06-18 15:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-05-13 03:14 - 2015-04-07 20:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 03:14 - 2015-04-07 20:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 03:14 - 2015-04-07 20:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-05-13 03:14 - 2015-03-24 20:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-05-13 03:14 - 2015-03-24 20:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-05-13 03:14 - 2015-03-24 20:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-05-13 03:14 - 2015-03-24 20:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-05-13 03:14 - 2015-03-24 20:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-05-13 03:14 - 2015-03-24 20:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-05-13 03:14 - 2015-03-24 20:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-05-13 03:14 - 2015-03-24 20:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-05-13 03:14 - 2015-03-22 20:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-05-13 03:14 - 2015-03-22 20:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-05-13 03:14 - 2015-03-22 20:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-05-13 03:14 - 2015-03-22 20:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-05-13 03:14 - 2015-03-22 20:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-05-13 03:14 - 2015-03-22 20:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-05-13 03:14 - 2015-03-22 20:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-05-13 03:14 - 2015-03-22 20:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-05-13 03:14 - 2015-02-12 22:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-05-13 03:14 - 2015-02-12 22:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-05-13 03:14 - 2015-02-02 20:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-05-13 03:14 - 2015-02-02 20:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-05-13 03:14 - 2015-01-28 20:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 03:14 - 2015-01-28 20:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-13 03:14 - 2015-01-27 16:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-05-13 03:14 - 2014-12-18 18:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-05-13 03:14 - 2014-12-05 21:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-05-13 03:14 - 2014-12-05 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-05-13 03:14 - 2014-12-05 20:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-05-13 03:14 - 2014-10-13 19:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-05-13 03:14 - 2014-06-23 20:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-05-13 03:14 - 2014-06-23 19:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-05-13 03:13 - 2015-03-09 20:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-05-13 03:13 - 2015-03-09 20:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-05-13 03:13 - 2015-03-09 20:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-05-13 03:13 - 2015-03-09 20:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-05-13 03:13 - 2015-03-04 22:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-05-13 03:13 - 2015-03-04 21:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-05-13 03:13 - 2015-02-24 20:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-05-13 03:13 - 2015-02-18 00:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 03:13 - 2015-02-18 00:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 03:13 - 2015-01-30 16:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-13 03:13 - 2014-11-25 20:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-05-13 03:13 - 2014-11-25 20:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-05-13 03:13 - 2014-11-10 20:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-05-13 03:13 - 2014-11-10 19:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-05-13 03:13 - 2014-11-10 18:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-05-13 03:13 - 2014-10-03 19:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-05-13 03:13 - 2014-10-03 18:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-05-13 03:13 - 2014-10-03 18:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-05-13 03:13 - 2014-08-11 19:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-05-13 03:13 - 2014-08-11 18:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-05-13 03:13 - 2014-06-15 19:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-05-13 03:12 - 2015-03-03 21:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-05-13 03:12 - 2015-03-03 21:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 03:12 - 2015-03-03 21:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-05-13 03:12 - 2015-03-03 21:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 03:12 - 2015-03-03 21:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 03:12 - 2015-03-03 21:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 03:12 - 2015-03-03 21:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 03:12 - 2015-03-03 21:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 03:12 - 2015-03-03 21:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-05-13 03:12 - 2015-03-03 21:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 03:12 - 2015-02-02 20:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-05-13 03:12 - 2015-02-02 20:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-05-13 03:12 - 2015-01-16 19:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-05-13 03:12 - 2015-01-16 19:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-05-13 03:12 - 2014-12-07 20:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-05-13 03:12 - 2014-12-07 19:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-05-13 03:12 - 2014-11-07 20:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-05-13 03:12 - 2014-11-07 19:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-05-13 03:12 - 2014-10-29 19:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-05-13 03:12 - 2014-10-29 18:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-05-13 03:12 - 2014-10-24 18:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-05-13 03:12 - 2014-10-24 18:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-05-13 03:12 - 2014-10-13 19:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-05-13 03:12 - 2014-10-13 18:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-05-13 03:12 - 2014-10-02 19:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-05-13 03:12 - 2014-10-02 19:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-05-13 03:12 - 2014-10-02 19:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-05-13 03:12 - 2014-10-02 19:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-05-13 03:12 - 2014-10-02 19:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-05-13 03:12 - 2014-10-02 18:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-05-13 03:12 - 2014-10-02 18:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-05-13 03:12 - 2014-10-02 18:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-05-13 03:12 - 2014-10-02 18:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-05-13 03:12 - 2014-10-02 18:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-05-13 03:12 - 2014-09-03 22:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-05-13 03:12 - 2014-09-03 22:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-05-13 03:12 - 2014-07-16 19:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-05-13 03:12 - 2014-07-16 19:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-05-13 03:12 - 2014-07-16 19:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-05-13 03:12 - 2014-07-16 19:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-05-13 03:12 - 2014-07-16 18:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-05-13 03:12 - 2014-07-16 18:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-05-13 03:12 - 2014-07-16 18:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-05-13 03:12 - 2014-07-16 18:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-05-13 03:12 - 2014-06-03 03:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-05-13 03:12 - 2014-06-03 03:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-05-13 03:12 - 2014-06-03 03:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-05-13 03:12 - 2014-06-03 02:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-05-13 03:12 - 2014-06-03 02:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-05-13 03:12 - 2011-02-18 03:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2015-05-13 03:12 - 2011-02-17 22:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2015-05-13 03:11 - 2015-02-03 20:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-05-13 03:11 - 2015-02-03 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-05-13 03:11 - 2014-07-13 19:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-05-13 03:11 - 2014-07-13 18:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-05-12 20:32 - 2015-05-15 15:27 - 00019748 _____ () C:\Users\deni\Downloads\FRST.txt
2015-05-12 20:32 - 2015-05-15 15:27 - 00000000 ____D () C:\FRST
2015-05-12 20:32 - 2015-05-12 20:33 - 00023197 _____ () C:\Users\deni\Downloads\Addition.txt
2015-05-12 19:33 - 2015-05-12 19:34 - 00009580 _____ () C:\Users\deni\Downloads\hijackthis.log
2015-05-12 19:25 - 2015-05-12 19:25 - 02204160 _____ () C:\Users\deni\Downloads\adwcleaner_4.203.exe
2015-05-12 19:25 - 2015-05-12 19:25 - 00000000 ____D () C:\AdwCleaner
2015-05-12 18:50 - 2015-05-12 18:51 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-05-12 18:47 - 2015-05-12 19:19 - 00000000 ____D () C:\Users\deni\Documents\ProPCCleaner
2015-05-12 18:47 - 2015-05-12 18:47 - 00000064 _____ () C:\Users\deni\AppData\Local\287820c506664610beee1f1c94e948a2
2015-05-12 18:34 - 2015-05-12 18:34 - 00000000 ____D () C:\Users\deni\AppData\Local\Macromedia
2015-05-12 18:30 - 2015-05-13 17:07 - 00000000 ____D () C:\Users\deni\AppData\Local\Adobe
2015-05-12 17:50 - 2015-05-12 17:50 - 00000000 ____D () C:\Users\deni\Documents\Migration Lost and Found
2015-05-12 17:31 - 2015-05-12 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Digital Image Suite 2006
2015-05-12 17:29 - 2015-05-12 23:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft Digital Image 2006
2015-05-12 17:29 - 2005-03-23 22:55 - 00083524 ____R () C:\Windows\Enviro.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00070280 ____R () C:\Windows\Maiandit.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00068996 ____R () C:\Windows\RUNICCN.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00067648 ____R () C:\Windows\MATISSE_.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00065724 ____R () C:\Windows\PARADE.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00060716 ____R () C:\Windows\maiandb.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00055812 ____R () C:\Windows\PEPITA.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00049932 ____R () C:\Windows\OCRB.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00044304 ____R () C:\Windows\EUROSTIB.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00043704 ____R () C:\Windows\EUROSTI.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00041952 ____R () C:\Windows\PLACCOND.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00035740 ____R () C:\Windows\KINO.tt2
2015-05-12 17:28 - 2005-03-23 22:55 - 00101336 ____R () C:\Windows\EDDA.tt2
2015-05-12 17:28 - 2005-03-23 22:55 - 00070324 ____R () C:\Windows\Andyb.tt2
2015-05-12 17:28 - 2005-03-23 22:55 - 00043512 ____R () C:\Windows\Beesknee.tt2
2015-05-12 17:28 - 2005-03-23 22:55 - 00039472 ____R () C:\Windows\BRAGGA.tt2
2015-05-12 17:27 - 2015-05-12 17:27 - 00001755 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-05-12 17:27 - 2015-05-12 17:27 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Apple Computer
2015-05-12 17:27 - 2015-05-12 17:27 - 00000000 ____D () C:\Users\deni\AppData\Local\Apple Computer
2015-05-12 17:27 - 2015-05-12 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-12 17:27 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-05-12 17:26 - 2015-05-12 17:27 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-12 17:26 - 2015-05-12 17:27 - 00000000 ____D () C:\Program Files\iTunes
2015-05-12 17:26 - 2015-05-12 17:26 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\Users\deni\AppData\Local\Apple
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\Program Files\iPod
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-05-12 17:25 - 2015-05-12 17:26 - 00000000 ____D () C:\ProgramData\Apple
2015-05-12 17:25 - 2015-05-12 17:26 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-12 17:25 - 2015-05-12 17:25 - 00000000 ____D () C:\Program Files\Bonjour
2015-05-12 17:25 - 2015-05-12 17:25 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-05-12 17:24 - 2015-05-12 17:24 - 152362800 _____ (Apple Inc.) C:\Users\deni\Downloads\iTunes6464Setup.exe
2015-05-12 17:18 - 2015-05-12 17:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2015-05-12 17:14 - 2015-05-14 03:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2015-05-12 17:14 - 2015-05-12 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-05-12 17:13 - 2015-05-12 17:13 - 00000000 ____D () C:\Windows\PCHEALTH
2015-05-12 17:11 - 2015-05-14 04:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-12 17:11 - 2015-05-12 17:11 - 00000000 ____D () C:\Users\deni\AppData\Local\Microsoft Help
2015-05-12 17:11 - 2015-05-12 17:11 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-05-12 17:10 - 2015-05-12 17:10 - 00000000 __RHD () C:\MSOCache
2015-05-12 17:06 - 2015-05-12 17:06 - 00001848 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Greetings 2000.lnk
2015-05-12 17:06 - 2015-05-12 17:06 - 00001836 _____ () C:\Users\Public\Desktop\Microsoft Greetings 2000.lnk
2015-05-12 17:06 - 2015-05-12 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2015-05-12 17:06 - 2015-05-12 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Clip Gallery
2015-05-12 17:05 - 2015-05-12 17:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Home Publishing 2000
2015-05-12 16:53 - 2015-05-12 16:53 - 00000000 ____D () C:\Users\deni\AppData\Local\HCSShell
2015-05-12 16:53 - 2015-05-12 16:53 - 00000000 ____D () C:\Users\deni\AppData\Local\Creative Home
2015-05-12 16:53 - 2015-05-12 16:53 - 00000000 ____D () C:\Users\deni\AppData\Local\Avanquest North America
2015-05-12 16:50 - 2015-05-12 16:50 - 00185664 _____ (Dell) C:\Users\deni\Downloads\cutil.exe
2015-05-12 16:39 - 2015-05-12 16:52 - 00002444 _____ () C:\Users\Public\Desktop\Hallmark Card Studio 2015 Deluxe.lnk
2015-05-12 16:39 - 2015-05-12 16:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2015-05-12 16:39 - 2015-05-12 16:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-05-12 15:22 - 2015-05-12 15:22 - 00002444 _____ () C:\Users\Public\Desktop\Hallmark Card Studio 2011 Deluxe.lnk
2015-05-12 15:01 - 2015-05-13 13:36 - 00000000 ____D () C:\Users\deni\AppData\Roaming\PCDr
2015-05-12 14:59 - 2015-05-12 14:59 - 11305624 _____ (Dell Inc.) C:\Users\deni\Downloads\XPS-8700_Chipset_Driver_21Y1M_WN_9.4.0.1016_A00.EXE
2015-05-12 14:58 - 2015-05-12 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-05-12 14:58 - 2015-05-12 23:05 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2015-05-12 14:58 - 2015-05-12 14:58 - 60349104 _____ (Dell Inc.) C:\Users\deni\Downloads\XPS-8700_Chipset_Driver_Y22PK_WN_9.0.0.1310_A00.EXE
2015-05-12 14:58 - 2015-05-12 14:58 - 00000000 ____D () C:\Users\deni\AppData\Local\softthinks
2015-05-12 14:58 - 2015-05-12 14:58 - 00000000 ____D () C:\ProgramData\softthinks
2015-05-12 14:58 - 2015-03-24 11:00 - 00126976 _____ () C:\Windows\system32\ff_vfw.dll
2015-05-12 14:58 - 2015-03-24 11:00 - 00112128 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2015-05-12 14:58 - 2015-02-28 09:22 - 03571200 _____ (x264vfw project) C:\Windows\system32\x264vfw64.dll
2015-05-12 14:58 - 2015-02-28 09:21 - 03591680 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2015-05-12 14:58 - 2015-02-24 16:37 - 00655872 _____ () C:\Windows\SysWOW64\xvidcore.dll
2015-05-12 14:58 - 2015-02-24 16:37 - 00240128 _____ () C:\Windows\SysWOW64\xvidvfw.dll
2015-05-12 14:58 - 2014-11-14 07:12 - 00254976 _____ () C:\Windows\system32\xvidvfw.dll
2015-05-12 14:58 - 2014-11-13 08:05 - 00729088 _____ () C:\Windows\system32\xvidcore.dll
2015-05-12 14:58 - 2014-08-12 20:19 - 00000113 ____H () C:\DBAR_Ver.txt
2015-05-12 14:58 - 2013-01-24 06:57 - 00064624 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2015-05-12 14:58 - 2012-07-21 04:55 - 00180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2015-05-12 14:58 - 2012-07-21 04:54 - 00122880 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2015-05-12 14:58 - 2011-12-07 11:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2015-05-12 14:58 - 2011-12-07 11:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2015-05-12 14:56 - 2015-05-12 14:56 - 20595384 _____ (Dell Inc.) C:\Users\deni\Downloads\XPS-8700_Chipset_Driver_F81X8_WN_2.5.0.19_A02.EXE
2015-05-12 14:52 - 2015-05-12 14:52 - 00000000 ____D () C:\Users\deni\AppData\Roaming\DropboxOEM
2015-05-12 14:48 - 2015-05-12 14:48 - 00031152 _____ () C:\Windows\system32\Drivers\pmxdrv.sys
2015-05-12 14:47 - 2015-05-12 14:47 - 13942144 _____ () C:\Users\deni\Downloads\XPS_8700_BIOS_A10.EXE
2015-05-12 14:43 - 2015-05-12 14:43 - 00001806 _____ () C:\Users\Public\Desktop\Dell Click 2 Fix+.lnk
2015-05-12 14:43 - 2015-05-12 14:43 - 00000062 _____ () C:\SerialNumber.txt
2015-05-12 14:43 - 2015-05-12 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Click 2 Fix+
2015-05-12 14:39 - 2015-05-12 14:39 - 00000000 ____D () C:\ProgramData\Citrix
2015-05-12 14:39 - 2015-05-12 14:39 - 00000000 ____D () C:\Program Files (x86)\Citrix
2015-05-12 14:38 - 2015-05-12 23:05 - 00000000 ____D () C:\Users\deni\AppData\Local\Citrix
2015-05-12 14:14 - 2015-05-12 14:14 - 00002270 _____ () C:\Users\Public\Desktop\Hallmark Card Studio 2006.lnk
2015-05-12 14:14 - 2015-05-12 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative Home
2015-05-12 13:51 - 2015-05-12 14:01 - 00000000 ____D () C:\ProgramData\Creative Home
2015-05-12 13:51 - 2015-05-12 13:51 - 00000027 _____ () C:\Users\deni\Documents\Hallmark Card Studio 2008.txt
2015-05-12 13:50 - 2015-05-12 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hallmark
2015-05-12 13:50 - 2015-05-12 13:50 - 00002787 _____ () C:\Users\Public\Desktop\Hallmark Card Studio 2008 Deluxe.lnk
2015-05-12 13:46 - 2015-05-12 16:18 - 00000000 ____D () C:\Program Files (x86)\Creative Home
2015-05-12 13:42 - 2015-05-12 13:42 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-12 13:42 - 2015-05-12 13:42 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-12 13:42 - 2015-05-12 13:42 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Mozilla
2015-05-12 13:42 - 2015-05-12 13:42 - 00000000 ____D () C:\Users\deni\AppData\Local\Mozilla
2015-05-12 13:42 - 2015-05-12 13:42 - 00000000 ____D () C:\ProgramData\Mozilla
2015-05-12 13:42 - 2015-05-12 13:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-12 13:42 - 2015-05-12 13:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-12 13:41 - 2015-05-12 13:41 - 00000000 __SHD () C:\Users\deni\AppData\Local\EmieUserList
2015-05-12 13:41 - 2015-05-12 13:41 - 00000000 __SHD () C:\Users\deni\AppData\Local\EmieSiteList
2015-05-12 13:34 - 2015-05-13 13:35 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-05-12 13:34 - 2015-05-12 13:34 - 00003980 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-05-12 13:34 - 2015-05-12 13:34 - 00003192 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-05-12 13:34 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\deni\Documents\Bluetooth Exchange Folder
2015-05-12 13:34 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Intel Corporation
2015-05-12 13:34 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Dell
2015-05-12 13:34 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\deni\AppData\Local\DropboxOEM
2015-05-12 13:34 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\deni\AppData\Local\Broadcom
2015-05-12 13:33 - 2015-05-12 14:52 - 00000000 ____D () C:\Users\deni\AppData\Local\VirtualStore
2015-05-12 13:33 - 2015-05-12 13:33 - 00001415 _____ () C:\Users\deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-12 13:31 - 2015-05-13 17:07 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Adobe
2015-05-12 13:31 - 2015-05-12 13:31 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Macromedia
2015-05-12 13:30 - 2015-05-15 15:24 - 00160856 _____ () C:\Users\deni\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-12 13:30 - 2015-05-12 13:30 - 00001975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
2015-05-12 13:30 - 2015-05-12 13:30 - 00000020 ___SH () C:\Users\deni\ntuser.ini
2015-05-12 13:30 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-12 13:30 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-12 13:29 - 2015-05-13 10:51 - 00000000 ____D () C:\Users\deni

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-15 15:27 - 2014-12-22 05:36 - 01287304 _____ () C:\Windows\WindowsUpdate.log
2015-05-15 15:25 - 2014-12-22 05:52 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2015-05-15 15:25 - 2009-07-13 21:45 - 00020496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-15 15:25 - 2009-07-13 21:45 - 00020496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-15 15:25 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\AppCompat
2015-05-15 15:22 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-15 15:22 - 2009-07-13 21:51 - 00042063 _____ () C:\Windows\setupact.log
2015-05-15 14:45 - 2014-12-22 02:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-14 04:29 - 2010-11-20 20:47 - 00175256 _____ () C:\Windows\PFRO.log
2015-05-14 04:29 - 2009-07-13 21:45 - 00519336 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-14 04:27 - 2010-11-21 00:17 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-14 04:27 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\tracing
2015-05-14 04:27 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-05-14 04:27 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-05-14 04:27 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-14 04:27 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-05-14 04:27 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-14 04:11 - 2011-02-10 07:33 - 00775384 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-14 04:11 - 2009-07-13 22:13 - 00775384 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-14 03:10 - 2009-07-13 19:34 - 00000478 _____ () C:\Windows\win.ini
2015-05-13 17:45 - 2014-12-22 02:02 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-13 17:45 - 2014-12-22 02:02 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-13 17:45 - 2014-12-22 02:02 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-13 10:54 - 2014-12-22 05:53 - 00000000 ____D () C:\ProgramData\McAfee
2015-05-12 23:05 - 2014-12-22 05:53 - 00000000 ____D () C:\Program Files\mcafee.com
2015-05-12 23:05 - 2014-12-22 05:53 - 00000000 ____D () C:\Program Files\mcafee
2015-05-12 23:05 - 2014-12-22 05:53 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2015-05-12 23:05 - 2014-12-22 05:53 - 00000000 ____D () C:\Program Files (x86)\mcafee.com
2015-05-12 23:05 - 2014-12-22 05:53 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-05-12 23:05 - 2014-12-22 05:52 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-12 23:05 - 2014-12-22 02:02 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-05-12 23:05 - 2014-12-22 02:02 - 00000000 ____D () C:\Windows\system32\Macromed
2015-05-12 23:05 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\registration
2015-05-12 19:27 - 2014-12-22 05:52 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-12 17:18 - 2010-11-21 00:17 - 00000000 ____D () C:\Windows\ShellNew
2015-05-12 17:13 - 2014-12-22 05:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-05-12 17:12 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-12 17:06 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Help
2015-05-12 15:54 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2015-05-12 15:03 - 2014-12-22 05:49 - 00000000 ____D () C:\Program Files\Dell
2015-05-12 15:02 - 2014-12-22 05:50 - 00000000 ____D () C:\ProgramData\PCDr
2015-05-12 14:58 - 2014-12-22 06:00 - 00009730 _____ () C:\Windows\SysWOW64\Gms.log
2015-05-12 14:57 - 2014-12-22 05:59 - 00000000 ____D () C:\ProgramData\Dell
2015-05-12 14:50 - 2011-02-10 07:25 - 00000000 ____D () C:\dell
2015-05-12 13:35 - 2014-12-22 05:44 - 00003718 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-05-12 13:35 - 2014-12-22 05:42 - 00000000 ____D () C:\ProgramData\Intel
2015-05-12 13:29 - 2009-07-13 20:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-12 13:14 - 2011-02-10 07:25 - 00000000 ____D () C:\Windows\panther

==================== Files in the root of some directories =======

2015-05-12 18:47 - 2015-05-12 18:47 - 0000064 _____ () C:\Users\deni\AppData\Local\287820c506664610beee1f1c94e948a2

Some content of TEMP:
====================
C:\Users\deni\AppData\Local\Temp\ose00000.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-12 15:47

==================== End Of Log ============================


----------



## migolfergirl (Oct 17, 2006)

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-05-2015 02
Ran by deni at 2015-05-15 15:28:39
Running from C:\Users\deni\Downloads
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-4289309018-589893681-2597226705-500 - Administrator - Disabled)
deni (S-1-5-21-4289309018-589893681-2597226705-1000 - Administrator - Enabled) => C:\Users\deni
Guest (S-1-5-21-4289309018-589893681-2597226705-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4289309018-589893681-2597226705-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Citrix Online Launcher (HKLM-x32\...\{6740FE60-43C1-4D15-8C4A-001624134B14}) (Version: 1.0.312 - Citrix)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.)
Dell Click 2 Fix+ (HKLM\...\Dell Click 2 Fix+_is1) (Version: 2.004.032.2554.03 - Dell)
Dell Data Services (HKLM\...\{90F9BFC9-A2A9-403F-9A40-1063FAD035BA}) (Version: 1.1.6.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Foundation Services (HKLM\...\{76966FD2-4189-41F1-9CF6-9D177B4DEC97}) (Version: 2.0.42.1 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
DSC/AA Factory Installer (Version: 3.5.6426.22 - PC-Doctor, Inc.) Hidden
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.30.223.228 - Dell Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hallmark Card Studio 2006 Deluxe (HKLM-x32\...\{3B901CB2-9DAF-43FC-BDD2-4149AF19381C}) (Version: 7.0.0.15 - Creative Home)
Hallmark Card Studio 2008 Deluxe (HKLM-x32\...\{747A6A10-DA58-48C2-A1F0-C15514419C8A}) (Version: 9.0.0.9 - Creative Home)
Hallmark Card Studio 2011 Deluxe (HKLM-x32\...\{62687EAC-F27D-49AC-A0E2-3899B0459113}) (Version: 12.0.1.7 - Hallmark Software)
Hallmark Card Studio 2015 Deluxe (HKLM-x32\...\{F2117332-1A36-4D3B-854D-A8D10735B4DF}) (Version: 16.0.0.10 - Creative Home)
Intel(R) Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.2.1001 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{AD6B46F2-FE21-496F-BE90-BE19AABE353C}) (Version: 2.2.12 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
K-Lite Mega Codec Pack 11.0.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.0.5 - )
McAfee LiveSafe - Internet Security (HKLM-x32\...\MSC) (Version: 13.0.244 - McAfee, Inc.)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Digital Image Suite 2006 (HKLM-x32\...\PictureItSuite_v11) (Version: 11.0.0422 - Microsoft Corporation)
Microsoft Greetings 2000 (HKLM-x32\...\{5264E937-B015-11D2-8C0E-00C04FBBCFF9}) (Version: 4.0.0000 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 38.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0 (x86 en-US)) (Version: 38.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0 - Mozilla)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5600 - Broadcom Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

12-05-2015 13:30:02 Windows Update
12-05-2015 13:45:53 Installed Hallmark Card Studio 2008 Deluxe.
12-05-2015 13:54:23 Installed Hallmark Card Studio 2006 Deluxe
12-05-2015 14:43:15 Pre Install Click 2 Fix+ restore point
12-05-2015 15:12:36 Installed Hallmark Card Studio 2011 Deluxe.
12-05-2015 16:03:39 Installed Hallmark Card Studio 2015 Deluxe.
12-05-2015 16:18:00 Installed Hallmark Card Studio 2015 Deluxe.
12-05-2015 17:04:53 Installed Microsoft Greetings 2000
12-05-2015 17:10:44 Installed Microsoft Office Professional 2007
12-05-2015 17:15:26 Configured Microsoft Office Professional 2007
12-05-2015 17:26:06 Installed iTunes
12-05-2015 17:28:48 Installed Microsoft Digital Image Suite 2006 Editor
12-05-2015 17:31:59 Installed Microsoft Digital Image Suite 2006 Library
12-05-2015 17:46:42 Installed IntelliMover
12-05-2015 18:50:34 Removed Citrix Online Launcher
12-05-2015 18:51:28 Removed IntelliMover
12-05-2015 19:16:57 Removed UpdateAdmin
12-05-2015 23:03:51 Restore Operation
13-05-2015 17:33:09 avast! antivirus system restore point
14-05-2015 03:00:17 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2015-03-27 14:56 - 00000732 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1A0AD66F-F28C-4321-8208-FCA2FDCFC787} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {25D51728-8BB7-4228-92A1-E8AE6FF823BB} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {2C54E981-DF5B-4F18-B2C1-4DB2F462113A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-01-16] ()
Task: {35F7FF4A-55EF-4951-B7F1-6E342BD989B6} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {541377D5-0BE5-4076-AE4D-DC79CCD34728} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {8F76B52B-177F-4FE7-B698-F7DE38C4B47E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-13] (Google Inc.)
Task: {A0F48A98-1E51-400B-9732-C6185242DFBF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-13] (Avast Software s.r.o.)
Task: {A557D1BC-F1AA-485C-95AD-33CC345CF22E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B04C8213-1A3D-452D-BAE2-83EBA2C7117A} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {BE32FFFD-8DE6-4AA2-AFFB-29581E10662F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-13] (Google Inc.)
Task: {CC904ACC-6D59-473E-88DE-5BBEA649E4BB} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {DCEE23FE-231D-49CC-8676-7DEEC36B89A1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-13] (Adobe Systems Incorporated)
Task: {E21E096E-C011-4837-A635-D91853A3CD7A} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {FDB48244-E14A-4BA1-97AE-75C724E0A044} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-01-16] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-12 14:43 - 2015-03-27 16:25 - 00925056 _____ () C:\Program Files\Dell\Click 2 Fix+\sqlite3.dll
2015-05-12 14:43 - 2015-03-27 16:23 - 00107328 _____ () C:\Program Files\Dell\Click 2 Fix+\nfapi.dll
2015-05-12 14:43 - 2015-03-27 16:24 - 00533336 _____ () C:\Program Files\Dell\Click 2 Fix+\ProtocolFilters.dll
2014-12-22 05:36 - 2014-01-07 17:48 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-12-22 05:52 - 2014-06-04 00:02 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2014-12-22 05:52 - 2014-06-04 00:02 - 00019744 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2014-12-22 05:52 - 2014-06-04 00:03 - 00035104 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRShellExtension.dll
2014-09-01 20:40 - 2014-09-01 20:40 - 00462160 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
2015-03-04 15:39 - 2015-03-04 15:39 - 00074168 _____ () C:\Program Files\Dell\Dell Foundation Services\Dell.Notification.Agent.Plugins.SinkEngine.dll
2015-03-04 15:39 - 2015-03-04 15:39 - 00045480 _____ () C:\Program Files\Dell\Dell Foundation Services\Dell.Notification.SinkEngine.Common.dll
2015-03-04 15:39 - 2015-03-04 15:39 - 00036280 _____ () C:\Program Files\Dell\Dell Foundation Services\Dell.Notification.SinkEngine.Configuration.dll
2015-05-13 17:33 - 2015-05-13 17:33 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-13 17:33 - 2015-05-13 17:33 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-14 01:49 - 2015-05-14 01:49 - 02928128 _____ () C:\Program Files\AVAST Software\Avast\defs\15051400\algo.dll
2015-05-15 15:23 - 2015-05-15 15:23 - 02929664 _____ () C:\Program Files\AVAST Software\Avast\defs\15051501\algo.dll
2014-09-01 20:40 - 2014-09-01 20:40 - 00214352 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\Ledger.dll
2014-09-01 20:40 - 2014-09-01 20:40 - 00114000 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\zlib1.dll
2015-05-13 17:33 - 2015-05-13 17:33 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-09 23:30 - 2014-04-09 23:30 - 00134664 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2015-05-12 14:58 - 2013-01-24 06:57 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "DisplayName"="Dell"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "ErrorControl"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "ImagePath"="C:\Program Files\Dell\Click 2 Fix+\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "ObjectName"="LocalSystem"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "Start"="2"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "Type"="272"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+\Parameters => "Application"="C:\Program Files\Dell\Click 2 Fix+\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+\Parameters => "AppParameters"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4289309018-589893681-2597226705-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\deni\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{354AEC3E-F085-450B-85B7-F080AD47AFCD}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{0E5EA1AD-20D7-432B-B810-8FBAC6C53CE3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FC4D6D66-9B02-4A92-8DE9-7924308F2665}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2871E918-E8A5-4B1D-A07E-CF668CB7EC4D}] => (Allow) C:\Program Files\Dell\Click 2 Fix+\cust.exe
FirewallRules: [{A020AA5F-BFFB-45A6-A826-2CCF06B7F7D3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{831FA807-C5AF-4632-AADD-4B1D8E6D027F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{44EF1F9F-4D1C-4A42-9BC5-10C0503DEB3B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{08B4D39D-2472-46C0-A45F-42B38B654330}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F99AC4B2-2001-41FF-972D-DE7A09FCB87F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{D4C292B7-6A45-496E-94BA-5B2EB1AE9152}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{AE72ECB9-3BA7-4163-86A9-22B6036AAAC3}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{B3D93AFE-38B1-49DC-9B54-D2AF0380F1A1}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (05/15/2015 03:28:21 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014

Error: (05/15/2015 03:27:21 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014

Error: (05/15/2015 03:26:21 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014

Error: (05/15/2015 03:25:19 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014

Error: (05/15/2015 03:25:18 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014

Error: (05/15/2015 03:23:11 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014

Error: (05/15/2015 03:22:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/14/2015 04:31:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/14/2015 04:31:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/14/2015 04:31:09 AM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014

System errors:
=============
Error: (05/15/2015 03:23:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Modules Installer service terminated with the following error: 
%%16405

Error: (05/14/2015 04:32:47 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Modules Installer service terminated with the following error: 
%%16405

Error: (05/14/2015 04:28:42 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.

Error: (05/14/2015 04:28:42 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.

Error: (05/14/2015 04:28:42 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (05/14/2015 04:28:42 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (05/14/2015 03:58:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243).

Error: (05/14/2015 03:27:48 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB954430).

Error: (05/13/2015 06:10:18 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (05/13/2015 06:10:18 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 46%
Total physical RAM: 8143.22 MB
Available physical RAM: 4353.86 MB
Total Pagefile: 16284.65 MB
Available Pagefile: 12533.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:919.74 GB) (Free:833.74 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 5498EDD3)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=11.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=919.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================


----------



## JSntgRvr (Jul 1, 2003)

First, go to the Control Panel -> Program Features and remove *McAfee LiveSafe*.

To remove the remnants, download the *MCPR* tool from: http://us.mcafee.com/apps/supporttools/mcpr/mcpr.asp and save it to a folder on your computer.

IMPORTANT: The MCPR tool is updated periodically when new products and updates are released. Always download a new copy of the MCPR tool before using it to uninstall your product.


Navigate to the folder where you saved the file, and double-click MCPR.exe. 
When you see the User Account Control dialog box, click Yes.
At the McAfee Software Removal screen, click Next.
At the End User License Agreement (EULA) dialog box, click Next to accept the agreement.
When prompted, type the Captcha information, which is case-sensitive, to validate to application security, and then click Next.

If you have Family Protection installed, type your Administrator user name and password and click Next.
If you cannot authenticate, follow the on-screen instructions to obtain an uninstall code. If you do not have Family Protection installed, you will not receive this authentication prompt.​
When you see the message *CleanUp Successful*, restart your computer. Your McAfee product will not be fully removed until after the restart.

Then, download the enclosed file, *fixlist.txt*. Save it in the same directory as *FRST*.

Start *FRST* with Administrator privileges.
Press the *Fix* button.
When finished, a log file (*Fixlog.txt*) pops up and is saved to the same location the tool was run from.
Please copy and paste its contents in your next reply.


----------



## migolfergirl (Oct 17, 2006)

OLD COMPUTER:

Delfix:

# DelFix v10.8 - Logfile created 17/05/2015 at 14:31:50
# Updated 29/07/2014 by Xplode
# Username : Deni - NEWFAMCOMP
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\_OTL
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Deni\Downloads\FRST-OlderVersion
Deleted : C:\Users\Deni\Desktop\FRST-OlderVersion
Deleted : C:\TDSSKiller.3.0.0.40_14.08.2014_14.20.59_log.txt
Deleted : C:\Users\Deni\Desktop\Addition.txt
Deleted : C:\Users\Deni\Desktop\Extras.Txt
Deleted : C:\Users\Deni\Desktop\Fixlog.txt
Deleted : C:\Users\Deni\Desktop\FRST.exe
Deleted : C:\Users\Deni\Desktop\FRST.txt
Deleted : C:\Users\Deni\Desktop\OTL.Txt
Deleted : C:\Users\Deni\Desktop\OTL.exe
Deleted : C:\Users\Deni\Desktop\SecurityCheck.exe
Deleted : C:\Users\Deni\Desktop\Shortcut.txt
Deleted : C:\Users\Deni\Desktop\tdsskiller.exe
Deleted : C:\Users\Deni\Downloads\Addition.txt
Deleted : C:\Users\Deni\Downloads\AdwCleaner(1).exe
Deleted : C:\Users\Deni\Downloads\AdwCleaner(2).exe
Deleted : C:\Users\Deni\Downloads\AdwCleaner.exe
Deleted : C:\Users\Deni\Downloads\adwcleaner_4.109.exe
Deleted : C:\Users\Deni\Downloads\adwcleaner_4.200.exe
Deleted : C:\Users\Deni\Downloads\dds.scr
Deleted : C:\Users\Deni\Downloads\FRST(1).exe
Deleted : C:\Users\Deni\Downloads\FRST.exe
Deleted : C:\Users\Deni\Downloads\FRST.txt
Deleted : C:\Users\Deni\Downloads\JRT.exe
Deleted : C:\Users\Deni\Downloads\HijackThis(1).exe
Deleted : C:\Users\Deni\Downloads\HijackThis.exe
Deleted : C:\Users\Deni\Downloads\hijackthis.log
Deleted : C:\Users\Deni\Downloads\HiJackThis.msi
Deleted : C:\Users\Deni\Downloads\RogueKiller.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########


----------



## migolfergirl (Oct 17, 2006)

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-05-2015 02
Ran by deni at 2015-05-17 14:54:47 Run:1
Running from C:\Users\deni\Downloads
Loaded Profiles: deni (Available profiles: deni)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-4289309018-589893681-2597226705-1000\...\MountPoints2: {abb91e48-89d6-11e4-a252-806e6f6e6963} - D:\SETUP.EXE AUTORUN=1
HKU\S-1-5-21-4289309018-589893681-2597226705-1000\...\Winlogon: [Shell] - <==== ATTENTION 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4289309018-589893681-2597226705-1000 -> DefaultScope {D087D92A-D0AF-48A3-A070-F01B1BDAFF36} URL =
SearchScopes: HKU\S-1-5-21-4289309018-589893681-2597226705-1000 -> {D087D92A-D0AF-48A3-A070-F01B1BDAFF36} URL =
EmptyTemp:

*****************

"HKU\S-1-5-21-4289309018-589893681-2597226705-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{abb91e48-89d6-11e4-a252-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{abb91e48-89d6-11e4-a252-806e6f6e6963} => Key not found. 
HKU\S-1-5-21-4289309018-589893681-2597226705-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. 
HKU\S-1-5-21-4289309018-589893681-2597226705-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-4289309018-589893681-2597226705-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D087D92A-D0AF-48A3-A070-F01B1BDAFF36}" => Key deleted successfully.
HKCR\CLSID\{D087D92A-D0AF-48A3-A070-F01B1BDAFF36} => Key not found. 
EmptyTemp: => Removed 468.3 MB temporary data.

The system needed a reboot.

==== End of Fixlog 14:55:03 ====


----------



## JSntgRvr (Jul 1, 2003)

Any improvement on this computer?


----------



## migolfergirl (Oct 17, 2006)

I think both of them seem to be working well. 

The new computer, that is supposed to be so fast, takes a long time to boot up, and I can't figure that out, but other than that....

Anything you think I should do? I removed all the tools we used to clean the old computer.... And McAfee is totally wiped out on the new one. I'm running Avast Internet Security on both machines.....


----------



## JSntgRvr (Jul 1, 2003)

Re-scan with FRST on the last machine and post both reports. Lets make sure McAfee is gone.


----------



## migolfergirl (Oct 17, 2006)

J, I think I still have some bad stuff on my new computer. I checked program files, and took a picture of what I'm worried about, but since the pic isn't on the internet, I can't figure out how to post it here....

Obviously the system restore didn't work.....

How can I show you the print screen pic that I saved to My Pictures?

sorry....I'm a bonehead....


----------



## migolfergirl (Oct 17, 2006)

here it is.....


----------



## migolfergirl (Oct 17, 2006)

J, this is a 64 bit computer, if that helps...

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02
Ran by deni (administrator) on DENI-PC on 18-05-2015 16:25:09
Running from C:\Users\deni\Downloads
Loaded Profiles: deni (Available profiles: deni)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(TODO: <Company name>) C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2008 Deluxe\Planner\PLNRnote.exe
(Creative Home) C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2015 Deluxe\Planner\PLNRnote.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft® Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Works Shared\wkcalrem.exe
(Microsoft® Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Works Shared\WksCal.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell) C:\Program Files\Dell\Dell Data Services\DDSSvc.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-05-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-02-05] (Intel Corporation)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [8925184 2014-12-22] (Dell Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-01] ()
HKLM-x32\...\Run: [AddressBookReminderApp] => C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2015 Deluxe\ReminderApp.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-13] (Avast Software s.r.o.)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-12-22]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Planner Reminder 2008.lnk [2015-05-12]
ShortcutTarget: Event Planner Reminder 2008.lnk -> C:\Windows\Installer\{747A6A10-DA58-48C2-A1F0-C15514419C8A}\Shortcut_EventPlan_5D0DF1BBD82E4FB2B98E4FDE42EF7EBB.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Planner Reminder.lnk [2015-05-12]
ShortcutTarget: Event Planner Reminder.lnk -> C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2015 Deluxe\Planner\PLNRnote.exe (Creative Home)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk [2015-05-12]
ShortcutTarget: Microsoft Works Calendar Reminders.lnk -> C:\Windows\Installer\{5264E937-B015-11D2-8C0E-00C04FBBCFF9}\A12970B7.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-13] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4289309018-589893681-2597226705-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-4289309018-589893681-2597226705-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-4289309018-589893681-2597226705-1000 -> DefaultScope {D087D92A-D0AF-48A3-A070-F01B1BDAFF36} URL = 
SearchScopes: HKU\S-1-5-21-4289309018-589893681-2597226705-1000 -> {D087D92A-D0AF-48A3-A070-F01B1BDAFF36} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-13] (Avast Software s.r.o.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-13] (Avast Software s.r.o.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\deni\AppData\Roaming\Mozilla\Firefox\Profiles\cnn9kzj6.default
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4289309018-589893681-2597226705-1000: @citrixonline.com/appdetectorplugin -> C:\Users\deni\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-12] (Citrix Online)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-13]

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-13]
CHR Extension: (Google Docs) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-13]
CHR Extension: (Google Drive) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-13]
CHR Extension: (YouTube) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-13]
CHR Extension: (Google Search) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-13]
CHR Extension: (Google Sheets) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-13]
CHR Extension: (Avast Online Security) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-13]
CHR Extension: (Gmail) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-13] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-05-18] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-13] (Avast Software)
R2 Dell Data Services; C:\Program Files\Dell\Dell Data Services\DDSSvc.exe [45936 2014-11-13] (Dell)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [75120 2015-03-04] (Dell)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-02-05] (Intel Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-01-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [224840 2013-05-10] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1921768 2014-07-02] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-04-10] (Dell Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-12-22] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6178304 2014-12-22] (Dell Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-13] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-05-18] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-13] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-05-18] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-13] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-13] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-13] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-13] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-13] ()
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [172760 2014-12-22] (Broadcom Corporation.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-02-26] (Dell Computer Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28656 2013-01-15] (Intel Corporation)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2015-05-12] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-13] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-18 16:25 - 2015-05-18 16:25 - 00017070 _____ () C:\Users\deni\Downloads\FRST.txt
2015-05-18 15:01 - 2015-05-18 15:46 - 00000000 ____D () C:\Users\deni\Documents\RECIPES
2015-05-18 14:48 - 2015-05-18 14:48 - 00001984 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2015-05-18 14:48 - 2015-05-18 14:48 - 00001924 _____ () C:\Users\Public\Desktop\Avast Internet Security.lnk
2015-05-18 14:48 - 2015-05-18 14:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-18 14:47 - 2015-05-18 14:47 - 00449896 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-05-18 14:47 - 2015-05-18 14:47 - 00028144 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-05-18 14:47 - 2015-05-13 17:33 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-18 14:37 - 2015-05-18 14:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-18 14:26 - 2015-05-18 14:26 - 00000000 _____ () C:\Users\deni\Desktop\avast_internet_security_setup.exe
2015-05-18 14:25 - 2015-05-18 14:27 - 209372752 _____ (Avast Software s.r.o.) C:\Users\deni\Downloads\avast_internet_security_setup.exe
2015-05-17 14:49 - 2015-05-17 14:49 - 00000000 ____D () C:\Users\deni\Downloads\FRST-OlderVersion
2015-05-17 14:41 - 2015-05-17 14:41 - 00000000 __SHD () C:\Users\deni\AppData\Local\EmieBrowserModeList
2015-05-17 03:00 - 2015-05-17 03:00 - 00288986 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2015-05-16 13:26 - 2015-05-16 13:26 - 00000941 _____ () C:\Users\deni\Documents - Shortcut.lnk
2015-05-16 03:04 - 2015-05-16 03:04 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2015-05-15 16:57 - 2015-05-15 17:27 - 00000000 ____D () C:\ProgramData\SupportAssistAgent
2015-05-15 16:57 - 2015-05-15 16:57 - 00003912 _____ () C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2015-05-15 16:57 - 2015-05-15 16:57 - 00000000 __HDC () C:\ProgramData\{6AACA38B-2810-4B47-BDEC-D7A1F38B1531}
2015-05-15 16:57 - 2015-05-15 16:57 - 00000000 ____D () C:\Program Files (x86)\Dell
2015-05-15 15:49 - 2015-05-18 12:49 - 00003484 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-05-15 15:49 - 2015-05-15 15:49 - 00004024 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-05-15 15:49 - 2015-05-15 15:49 - 00003214 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-05-15 15:49 - 2015-05-15 15:49 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2015-05-15 15:49 - 2015-05-15 15:49 - 00000000 ____D () C:\Program Files\Dell Support Center
2015-05-15 15:34 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-05-15 15:34 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-05-15 15:34 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-05-15 15:34 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-05-15 15:34 - 2014-07-08 19:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-05-15 15:34 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-05-15 15:34 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-05-15 15:34 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-05-15 15:34 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-05-15 15:34 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-05-15 15:26 - 2015-05-15 15:26 - 00001433 _____ () C:\Users\deni\Desktop\FRST64 - Shortcut.lnk
2015-05-15 15:25 - 2015-05-17 14:49 - 02107392 _____ (Farbar) C:\Users\deni\Downloads\FRST64.exe
2015-05-14 04:27 - 2015-05-14 04:32 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-14 04:27 - 2015-05-14 04:27 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-14 04:27 - 2015-05-14 04:27 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-05-14 04:27 - 2015-05-14 04:27 - 00000000 ____D () C:\Windows\system32\appraiser
2015-05-14 04:09 - 2015-01-08 16:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-05-14 04:09 - 2015-01-08 16:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-05-14 03:25 - 2015-05-16 03:04 - 00291212 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2015-05-14 03:14 - 2012-07-25 20:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-05-14 03:14 - 2012-07-25 20:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-05-14 03:14 - 2012-07-25 20:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-05-14 03:14 - 2012-07-25 20:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-05-14 03:14 - 2012-07-25 20:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-05-14 03:14 - 2012-07-25 19:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-05-14 03:14 - 2012-07-25 19:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-05-14 03:14 - 2012-06-02 07:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-05-14 03:09 - 2015-05-01 06:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 03:09 - 2015-05-01 06:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 03:06 - 2014-06-26 19:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-05-14 03:06 - 2014-06-26 18:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-05-14 03:04 - 2015-05-14 03:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2015-05-14 03:04 - 2015-05-14 03:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2015-05-14 03:00 - 2014-06-30 15:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-05-14 03:00 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-05-14 03:00 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-05-14 03:00 - 2014-06-05 23:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-05-14 03:00 - 2014-03-09 14:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-05-14 03:00 - 2014-03-09 14:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-05-14 03:00 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-05-14 03:00 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-05-13 17:35 - 2015-05-13 17:35 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-05-13 17:35 - 2015-05-13 17:35 - 00000000 ____D () C:\Windows\system32\vbox
2015-05-13 17:35 - 2015-05-13 17:35 - 00000000 ____D () C:\Users\deni\AppData\Roaming\AVAST Software
2015-05-13 17:34 - 2015-05-18 15:49 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-13 17:34 - 2015-05-18 15:49 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-13 17:34 - 2015-05-18 14:47 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-13 17:34 - 2015-05-15 15:44 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-13 17:34 - 2015-05-15 15:44 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-13 17:34 - 2015-05-13 17:35 - 00000000 ____D () C:\Users\deni\AppData\Local\Google
2015-05-13 17:34 - 2015-05-13 17:34 - 00002257 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-13 17:34 - 2015-05-13 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-13 17:34 - 2015-05-13 17:34 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-13 17:34 - 2015-05-13 17:33 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-13 17:34 - 2015-05-13 17:33 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-13 17:34 - 2015-05-13 17:33 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-13 17:34 - 2015-05-13 17:33 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-13 17:34 - 2015-05-13 17:33 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-13 17:34 - 2015-05-13 17:33 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-13 17:34 - 2015-05-13 17:33 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-13 17:34 - 2015-05-13 17:33 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-13 17:33 - 2015-05-13 17:33 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-13 17:33 - 2015-05-13 17:33 - 00000000 ____D () C:\Program Files\AVAST Software
2015-05-13 17:32 - 2015-05-13 17:32 - 05473032 _____ (Avast Software s.r.o.) C:\Users\deni\Downloads\avast_free_antivirus_setup_online.exe
2015-05-13 17:32 - 2015-05-13 17:32 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-13 17:29 - 2015-05-13 17:29 - 00001711 _____ () C:\Users\deni\Downloads\license(1).avastlic
2015-05-13 17:13 - 2015-05-13 17:13 - 00001711 _____ () C:\Users\deni\Downloads\license.avastlic
2015-05-13 13:23 - 2015-05-13 13:23 - 00000000 ____D () C:\Users\deni\AppData\Local\NovaRegister
2015-05-13 13:21 - 2015-05-13 13:21 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-05-13 03:16 - 2015-05-04 18:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 03:16 - 2015-05-04 18:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 03:16 - 2015-04-21 19:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 03:16 - 2015-04-21 18:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 03:16 - 2015-04-21 10:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 03:16 - 2015-04-21 10:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 03:16 - 2015-04-21 10:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 03:16 - 2015-04-21 09:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 03:16 - 2015-04-21 09:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 03:16 - 2015-04-21 09:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 03:16 - 2015-04-21 09:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 03:16 - 2015-04-21 09:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 03:16 - 2015-04-21 09:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 03:16 - 2015-04-21 09:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 03:16 - 2015-04-21 09:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 03:16 - 2015-04-21 09:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 03:16 - 2015-04-21 09:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 03:16 - 2015-04-21 09:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 03:16 - 2015-04-21 09:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 03:16 - 2015-04-21 09:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 03:16 - 2015-04-21 09:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 03:16 - 2015-04-21 09:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 03:16 - 2015-04-21 09:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 03:16 - 2015-04-21 09:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 03:16 - 2015-04-21 09:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 03:16 - 2015-04-21 09:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 03:16 - 2015-04-21 09:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 03:16 - 2015-04-21 09:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 03:16 - 2015-04-21 09:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 03:16 - 2015-04-21 09:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 03:16 - 2015-04-21 09:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 03:16 - 2015-04-21 09:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 03:16 - 2015-04-21 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 03:16 - 2015-04-21 09:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 03:16 - 2015-04-21 09:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 03:16 - 2015-04-21 09:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 03:16 - 2015-04-21 09:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 03:16 - 2015-04-21 09:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 03:16 - 2015-04-21 08:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 03:16 - 2015-04-21 08:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 03:16 - 2015-04-21 08:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 03:16 - 2015-04-21 08:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 03:16 - 2015-04-21 08:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 03:16 - 2015-04-21 08:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 03:16 - 2015-04-21 08:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 03:16 - 2015-04-21 08:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 03:16 - 2015-04-21 08:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 03:16 - 2015-04-21 08:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 03:16 - 2015-04-21 08:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 03:16 - 2015-04-21 08:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 03:16 - 2015-04-21 08:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 03:16 - 2015-04-21 08:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 03:16 - 2015-04-21 08:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 03:16 - 2015-04-21 08:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 03:16 - 2015-04-21 08:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 03:16 - 2015-04-21 08:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 03:16 - 2015-04-21 08:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 03:16 - 2015-04-21 08:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 03:16 - 2015-04-21 08:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 03:16 - 2015-04-21 08:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 03:16 - 2015-04-21 07:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 03:16 - 2015-04-21 07:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 03:16 - 2015-04-17 20:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 03:16 - 2015-04-17 19:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 03:16 - 2015-04-12 20:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 03:16 - 2015-01-08 20:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-05-13 03:16 - 2015-01-08 20:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-05-13 03:16 - 2015-01-08 20:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-05-13 03:16 - 2015-01-08 19:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-05-13 03:16 - 2014-12-11 10:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-05-13 03:15 - 2015-04-27 12:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 03:15 - 2015-04-27 12:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 03:15 - 2015-04-27 12:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 03:15 - 2015-04-27 12:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 03:15 - 2015-04-27 12:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 03:15 - 2015-04-27 12:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 03:15 - 2015-04-27 12:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 03:15 - 2015-04-27 12:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 03:15 - 2015-04-27 12:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 03:15 - 2015-04-27 12:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 03:15 - 2015-04-27 12:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 03:15 - 2015-04-27 12:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 03:15 - 2015-04-27 12:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 03:15 - 2015-04-27 12:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 03:15 - 2015-04-27 12:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 03:15 - 2015-04-27 12:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 03:15 - 2015-04-27 12:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 03:15 - 2015-04-27 12:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 03:15 - 2015-04-27 12:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 03:15 - 2015-04-27 12:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 03:15 - 2015-04-27 12:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 03:15 - 2015-04-27 12:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 03:15 - 2015-04-27 12:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 03:15 - 2015-04-27 12:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 03:15 - 2015-04-27 12:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 03:15 - 2015-04-27 12:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 03:15 - 2015-04-27 10:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 03:15 - 2015-04-27 10:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 03:15 - 2015-04-27 10:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 10:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 10:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 03:15 - 2015-04-19 20:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 03:15 - 2015-04-19 20:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 03:15 - 2015-04-19 19:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 03:15 - 2015-04-19 19:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 03:15 - 2015-02-19 21:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-05-13 03:15 - 2015-02-19 21:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-05-13 03:15 - 2015-02-19 21:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-05-13 03:15 - 2015-02-19 21:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-05-13 03:15 - 2015-02-19 21:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-05-13 03:15 - 2015-02-19 21:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-05-13 03:15 - 2015-02-19 21:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-05-13 03:15 - 2015-02-19 21:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-05-13 03:15 - 2015-02-19 20:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-05-13 03:15 - 2015-02-19 20:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-05-13 03:15 - 2015-02-02 20:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-05-13 03:15 - 2015-02-02 20:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-05-13 03:15 - 2015-02-02 20:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-05-13 03:15 - 2015-02-02 20:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-05-13 03:15 - 2015-02-02 20:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-05-13 03:15 - 2015-02-02 20:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-05-13 03:15 - 2015-02-02 20:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-05-13 03:15 - 2015-02-02 20:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-05-13 03:15 - 2015-02-02 20:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-05-13 03:15 - 2015-02-02 20:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-05-13 03:15 - 2015-02-02 20:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-05-13 03:15 - 2015-02-02 20:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-05-13 03:15 - 2015-02-02 20:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-05-13 03:15 - 2015-02-02 20:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-05-13 03:15 - 2015-02-02 20:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-05-13 03:15 - 2015-02-02 20:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-05-13 03:15 - 2015-02-02 20:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-05-13 03:15 - 2015-02-02 20:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-05-13 03:15 - 2015-02-02 20:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-05-13 03:15 - 2015-02-02 20:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-05-13 03:15 - 2015-02-02 20:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-05-13 03:15 - 2015-02-02 19:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-05-13 03:15 - 2014-12-18 20:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-05-13 03:15 - 2014-10-31 15:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-05-13 03:15 - 2014-08-01 04:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-05-13 03:15 - 2014-08-01 04:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-05-13 03:15 - 2014-06-27 17:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-05-13 03:15 - 2014-06-27 17:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-05-13 03:15 - 2014-06-18 15:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-05-13 03:15 - 2014-06-18 15:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-05-13 03:15 - 2014-06-18 15:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-05-13 03:15 - 2014-06-18 15:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-05-13 03:15 - 2014-06-18 15:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-05-13 03:15 - 2014-06-18 15:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-05-13 03:14 - 2015-04-07 20:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 03:14 - 2015-04-07 20:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 03:14 - 2015-04-07 20:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-05-13 03:14 - 2015-03-24 20:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-05-13 03:14 - 2015-03-24 20:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-05-13 03:14 - 2015-03-24 20:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-05-13 03:14 - 2015-03-24 20:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-05-13 03:14 - 2015-03-24 20:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-05-13 03:14 - 2015-03-24 20:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-05-13 03:14 - 2015-03-24 20:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-05-13 03:14 - 2015-03-24 20:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-05-13 03:14 - 2015-03-22 20:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-05-13 03:14 - 2015-03-22 20:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-05-13 03:14 - 2015-03-22 20:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-05-13 03:14 - 2015-03-22 20:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-05-13 03:14 - 2015-03-22 20:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-05-13 03:14 - 2015-03-22 20:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-05-13 03:14 - 2015-03-22 20:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-05-13 03:14 - 2015-03-22 20:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-05-13 03:14 - 2015-02-12 22:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-05-13 03:14 - 2015-02-12 22:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-05-13 03:14 - 2015-02-02 20:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-05-13 03:14 - 2015-02-02 20:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-05-13 03:14 - 2015-01-28 20:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 03:14 - 2015-01-28 20:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-13 03:14 - 2015-01-27 16:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-05-13 03:14 - 2014-12-18 18:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-05-13 03:14 - 2014-12-05 21:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-05-13 03:14 - 2014-12-05 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-05-13 03:14 - 2014-12-05 20:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-05-13 03:14 - 2014-10-13 19:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-05-13 03:14 - 2014-06-23 20:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-05-13 03:14 - 2014-06-23 19:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-05-13 03:13 - 2015-03-09 20:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-05-13 03:13 - 2015-03-09 20:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-05-13 03:13 - 2015-03-09 20:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-05-13 03:13 - 2015-03-09 20:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-05-13 03:13 - 2015-03-04 22:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-05-13 03:13 - 2015-03-04 21:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-05-13 03:13 - 2015-02-24 20:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-05-13 03:13 - 2015-02-18 00:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 03:13 - 2015-02-18 00:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 03:13 - 2015-01-30 16:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-13 03:13 - 2014-11-25 20:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-05-13 03:13 - 2014-11-25 20:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-05-13 03:13 - 2014-11-10 20:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-05-13 03:13 - 2014-11-10 19:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-05-13 03:13 - 2014-11-10 18:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-05-13 03:13 - 2014-10-03 19:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-05-13 03:13 - 2014-10-03 18:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-05-13 03:13 - 2014-10-03 18:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-05-13 03:13 - 2014-08-11 19:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-05-13 03:13 - 2014-08-11 18:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-05-13 03:13 - 2014-06-15 19:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-05-13 03:12 - 2015-03-03 21:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-05-13 03:12 - 2015-03-03 21:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 03:12 - 2015-03-03 21:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-05-13 03:12 - 2015-03-03 21:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 03:12 - 2015-03-03 21:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 03:12 - 2015-03-03 21:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 03:12 - 2015-03-03 21:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 03:12 - 2015-03-03 21:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 03:12 - 2015-03-03 21:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-05-13 03:12 - 2015-03-03 21:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 03:12 - 2015-02-02 20:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-05-13 03:12 - 2015-02-02 20:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-05-13 03:12 - 2015-01-16 19:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-05-13 03:12 - 2015-01-16 19:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-05-13 03:12 - 2014-12-07 20:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-05-13 03:12 - 2014-12-07 19:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-05-13 03:12 - 2014-11-07 20:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-05-13 03:12 - 2014-11-07 19:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-05-13 03:12 - 2014-10-29 19:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-05-13 03:12 - 2014-10-29 18:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-05-13 03:12 - 2014-10-24 18:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-05-13 03:12 - 2014-10-24 18:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-05-13 03:12 - 2014-10-13 19:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-05-13 03:12 - 2014-10-13 18:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-05-13 03:12 - 2014-10-02 19:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-05-13 03:12 - 2014-10-02 19:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-05-13 03:12 - 2014-10-02 19:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-05-13 03:12 - 2014-10-02 19:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-05-13 03:12 - 2014-10-02 19:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-05-13 03:12 - 2014-10-02 18:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-05-13 03:12 - 2014-10-02 18:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-05-13 03:12 - 2014-10-02 18:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-05-13 03:12 - 2014-10-02 18:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-05-13 03:12 - 2014-10-02 18:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-05-13 03:12 - 2014-09-03 22:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-05-13 03:12 - 2014-09-03 22:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-05-13 03:12 - 2014-07-16 19:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-05-13 03:12 - 2014-07-16 19:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-05-13 03:12 - 2014-07-16 19:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-05-13 03:12 - 2014-07-16 19:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-05-13 03:12 - 2014-07-16 18:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-05-13 03:12 - 2014-07-16 18:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-05-13 03:12 - 2014-07-16 18:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-05-13 03:12 - 2014-07-16 18:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-05-13 03:12 - 2014-06-03 03:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-05-13 03:12 - 2014-06-03 03:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-05-13 03:12 - 2014-06-03 03:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-05-13 03:12 - 2014-06-03 02:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-05-13 03:12 - 2014-06-03 02:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-05-13 03:12 - 2011-02-18 03:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2015-05-13 03:12 - 2011-02-17 22:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2015-05-13 03:11 - 2015-02-03 20:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-05-13 03:11 - 2015-02-03 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-05-13 03:11 - 2014-07-13 19:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-05-13 03:11 - 2014-07-13 18:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-05-12 20:32 - 2015-05-18 16:25 - 00000000 ____D () C:\FRST
2015-05-12 20:32 - 2015-05-15 15:29 - 00025058 _____ () C:\Users\deni\Downloads\Addition.txt
2015-05-12 19:33 - 2015-05-12 19:34 - 00009580 _____ () C:\Users\deni\Downloads\hijackthis.log
2015-05-12 19:25 - 2015-05-12 19:25 - 02204160 _____ () C:\Users\deni\Downloads\adwcleaner_4.203.exe
2015-05-12 19:25 - 2015-05-12 19:25 - 00000000 ____D () C:\AdwCleaner
2015-05-12 18:50 - 2015-05-12 18:51 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-05-12 18:47 - 2015-05-12 19:19 - 00000000 ____D () C:\Users\deni\Documents\ProPCCleaner
2015-05-12 18:47 - 2015-05-12 18:47 - 00000064 _____ () C:\Users\deni\AppData\Local\287820c506664610beee1f1c94e948a2
2015-05-12 18:34 - 2015-05-12 18:34 - 00000000 ____D () C:\Users\deni\AppData\Local\Macromedia
2015-05-12 18:30 - 2015-05-13 17:07 - 00000000 ____D () C:\Users\deni\AppData\Local\Adobe
2015-05-12 17:50 - 2015-05-12 17:50 - 00000000 ____D () C:\Users\deni\Documents\Migration Lost and Found
2015-05-12 17:31 - 2015-05-12 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Digital Image Suite 2006
2015-05-12 17:29 - 2015-05-12 23:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft Digital Image 2006
2015-05-12 17:29 - 2005-03-23 22:55 - 00083524 ____R () C:\Windows\Enviro.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00070280 ____R () C:\Windows\Maiandit.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00068996 ____R () C:\Windows\RUNICCN.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00067648 ____R () C:\Windows\MATISSE_.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00065724 ____R () C:\Windows\PARADE.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00060716 ____R () C:\Windows\maiandb.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00055812 ____R () C:\Windows\PEPITA.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00049932 ____R () C:\Windows\OCRB.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00044304 ____R () C:\Windows\EUROSTIB.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00043704 ____R () C:\Windows\EUROSTI.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00041952 ____R () C:\Windows\PLACCOND.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00035740 ____R () C:\Windows\KINO.tt2
2015-05-12 17:28 - 2005-03-23 22:55 - 00101336 ____R () C:\Windows\EDDA.tt2
2015-05-12 17:28 - 2005-03-23 22:55 - 00070324 ____R () C:\Windows\Andyb.tt2
2015-05-12 17:28 - 2005-03-23 22:55 - 00043512 ____R () C:\Windows\Beesknee.tt2
2015-05-12 17:28 - 2005-03-23 22:55 - 00039472 ____R () C:\Windows\BRAGGA.tt2
2015-05-12 17:27 - 2015-05-12 17:27 - 00001755 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-05-12 17:27 - 2015-05-12 17:27 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Apple Computer
2015-05-12 17:27 - 2015-05-12 17:27 - 00000000 ____D () C:\Users\deni\AppData\Local\Apple Computer
2015-05-12 17:27 - 2015-05-12 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-12 17:27 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-05-12 17:26 - 2015-05-12 17:27 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-12 17:26 - 2015-05-12 17:27 - 00000000 ____D () C:\Program Files\iTunes
2015-05-12 17:26 - 2015-05-12 17:26 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\Users\deni\AppData\Local\Apple
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\Program Files\iPod
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-05-12 17:25 - 2015-05-12 17:26 - 00000000 ____D () C:\ProgramData\Apple
2015-05-12 17:25 - 2015-05-12 17:26 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-12 17:25 - 2015-05-12 17:25 - 00000000 ____D () C:\Program Files\Bonjour
2015-05-12 17:25 - 2015-05-12 17:25 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-05-12 17:24 - 2015-05-12 17:24 - 152362800 _____ (Apple Inc.) C:\Users\deni\Downloads\iTunes6464Setup.exe
2015-05-12 17:18 - 2015-05-12 17:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2015-05-12 17:14 - 2015-05-14 03:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2015-05-12 17:14 - 2015-05-12 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-05-12 17:13 - 2015-05-12 17:13 - 00000000 ____D () C:\Windows\PCHEALTH
2015-05-12 17:11 - 2015-05-16 03:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-12 17:11 - 2015-05-12 17:11 - 00000000 ____D () C:\Users\deni\AppData\Local\Microsoft Help
2015-05-12 17:11 - 2015-05-12 17:11 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-05-12 17:10 - 2015-05-12 17:10 - 00000000 __RHD () C:\MSOCache
2015-05-12 17:06 - 2015-05-12 17:06 - 00001848 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Greetings 2000.lnk
2015-05-12 17:06 - 2015-05-12 17:06 - 00001836 _____ () C:\Users\Public\Desktop\Microsoft Greetings 2000.lnk
2015-05-12 17:06 - 2015-05-12 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2015-05-12 17:06 - 2015-05-12 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Clip Gallery
2015-05-12 17:05 - 2015-05-12 17:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Home Publishing 2000
2015-05-12 16:53 - 2015-05-12 16:53 - 00000000 ____D () C:\Users\deni\AppData\Local\HCSShell
2015-05-12 16:53 - 2015-05-12 16:53 - 00000000 ____D () C:\Users\deni\AppData\Local\Creative Home
2015-05-12 16:53 - 2015-05-12 16:53 - 00000000 ____D () C:\Users\deni\AppData\Local\Avanquest North America
2015-05-12 16:50 - 2015-05-12 16:50 - 00185664 _____ (Dell) C:\Users\deni\Downloads\cutil.exe
2015-05-12 16:39 - 2015-05-12 16:52 - 00002444 _____ () C:\Users\Public\Desktop\Hallmark Card Studio 2015 Deluxe.lnk
2015-05-12 16:39 - 2015-05-12 16:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2015-05-12 16:39 - 2015-05-12 16:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-05-12 15:22 - 2015-05-12 15:22 - 00002444 _____ () C:\Users\Public\Desktop\Hallmark Card Studio 2011 Deluxe.lnk
2015-05-12 15:01 - 2015-05-15 15:48 - 00000000 ____D () C:\Users\deni\AppData\Roaming\PCDr
2015-05-12 14:59 - 2015-05-12 14:59 - 11305624 _____ (Dell Inc.) C:\Users\deni\Downloads\XPS-8700_Chipset_Driver_21Y1M_WN_9.4.0.1016_A00.EXE
2015-05-12 14:58 - 2015-05-12 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-05-12 14:58 - 2015-05-12 23:05 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2015-05-12 14:58 - 2015-05-12 14:58 - 60349104 _____ (Dell Inc.) C:\Users\deni\Downloads\XPS-8700_Chipset_Driver_Y22PK_WN_9.0.0.1310_A00.EXE
2015-05-12 14:58 - 2015-05-12 14:58 - 00000000 ____D () C:\Users\deni\AppData\Local\softthinks
2015-05-12 14:58 - 2015-05-12 14:58 - 00000000 ____D () C:\ProgramData\softthinks
2015-05-12 14:58 - 2015-03-24 11:00 - 00126976 _____ () C:\Windows\system32\ff_vfw.dll
2015-05-12 14:58 - 2015-03-24 11:00 - 00112128 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2015-05-12 14:58 - 2015-02-28 09:22 - 03571200 _____ (x264vfw project) C:\Windows\system32\x264vfw64.dll
2015-05-12 14:58 - 2015-02-28 09:21 - 03591680 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2015-05-12 14:58 - 2015-02-24 16:37 - 00655872 _____ () C:\Windows\SysWOW64\xvidcore.dll
2015-05-12 14:58 - 2015-02-24 16:37 - 00240128 _____ () C:\Windows\SysWOW64\xvidvfw.dll
2015-05-12 14:58 - 2014-11-14 07:12 - 00254976 _____ () C:\Windows\system32\xvidvfw.dll
2015-05-12 14:58 - 2014-11-13 08:05 - 00729088 _____ () C:\Windows\system32\xvidcore.dll
2015-05-12 14:58 - 2014-08-12 20:19 - 00000113 ____H () C:\DBAR_Ver.txt
2015-05-12 14:58 - 2013-01-24 06:57 - 00064624 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2015-05-12 14:58 - 2012-07-21 04:55 - 00180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2015-05-12 14:58 - 2012-07-21 04:54 - 00122880 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2015-05-12 14:58 - 2011-12-07 11:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2015-05-12 14:58 - 2011-12-07 11:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2015-05-12 14:56 - 2015-05-12 14:56 - 20595384 _____ (Dell Inc.) C:\Users\deni\Downloads\XPS-8700_Chipset_Driver_F81X8_WN_2.5.0.19_A02.EXE
2015-05-12 14:52 - 2015-05-12 14:52 - 00000000 ____D () C:\Users\deni\AppData\Roaming\DropboxOEM
2015-05-12 14:48 - 2015-05-12 14:48 - 00031152 _____ () C:\Windows\system32\Drivers\pmxdrv.sys
2015-05-12 14:47 - 2015-05-12 14:47 - 13942144 _____ () C:\Users\deni\Downloads\XPS_8700_BIOS_A10.EXE
2015-05-12 14:43 - 2015-05-12 14:43 - 00000062 _____ () C:\SerialNumber.txt
2015-05-12 14:39 - 2015-05-12 14:39 - 00000000 ____D () C:\ProgramData\Citrix
2015-05-12 14:39 - 2015-05-12 14:39 - 00000000 ____D () C:\Program Files (x86)\Citrix
2015-05-12 14:38 - 2015-05-18 15:54 - 00000000 ____D () C:\Users\deni\AppData\Local\Citrix
2015-05-12 14:14 - 2015-05-12 14:14 - 00002270 _____ () C:\Users\Public\Desktop\Hallmark Card Studio 2006.lnk
2015-05-12 14:14 - 2015-05-12 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative Home
2015-05-12 13:51 - 2015-05-12 14:01 - 00000000 ____D () C:\ProgramData\Creative Home
2015-05-12 13:51 - 2015-05-12 13:51 - 00000027 _____ () C:\Users\deni\Documents\Hallmark Card Studio 2008.txt
2015-05-12 13:50 - 2015-05-12 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hallmark
2015-05-12 13:50 - 2015-05-12 13:50 - 00002787 _____ () C:\Users\Public\Desktop\Hallmark Card Studio 2008 Deluxe.lnk
2015-05-12 13:46 - 2015-05-12 16:18 - 00000000 ____D () C:\Program Files (x86)\Creative Home
2015-05-12 13:42 - 2015-05-18 14:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-12 13:42 - 2015-05-12 13:42 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-12 13:42 - 2015-05-12 13:42 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-12 13:42 - 2015-05-12 13:42 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Mozilla
2015-05-12 13:42 - 2015-05-12 13:42 - 00000000 ____D () C:\Users\deni\AppData\Local\Mozilla
2015-05-12 13:42 - 2015-05-12 13:42 - 00000000 ____D () C:\ProgramData\Mozilla
2015-05-12 13:41 - 2015-05-12 13:41 - 00000000 __SHD () C:\Users\deni\AppData\Local\EmieUserList
2015-05-12 13:41 - 2015-05-12 13:41 - 00000000 __SHD () C:\Users\deni\AppData\Local\EmieSiteList
2015-05-12 13:34 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\deni\Documents\Bluetooth Exchange Folder
2015-05-12 13:34 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Intel Corporation
2015-05-12 13:34 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Dell
2015-05-12 13:34 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\deni\AppData\Local\DropboxOEM
2015-05-12 13:34 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\deni\AppData\Local\Broadcom
2015-05-12 13:33 - 2015-05-12 14:52 - 00000000 ____D () C:\Users\deni\AppData\Local\VirtualStore
2015-05-12 13:33 - 2015-05-12 13:33 - 00001415 _____ () C:\Users\deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-12 13:31 - 2015-05-13 17:07 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Adobe
2015-05-12 13:31 - 2015-05-12 13:31 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Macromedia
2015-05-12 13:30 - 2015-05-15 15:24 - 00160856 _____ () C:\Users\deni\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-12 13:30 - 2015-05-12 13:30 - 00001975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
2015-05-12 13:30 - 2015-05-12 13:30 - 00000020 ___SH () C:\Users\deni\ntuser.ini
2015-05-12 13:30 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-12 13:30 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-12 13:29 - 2015-05-16 13:26 - 00000000 ____D () C:\Users\deni

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-18 15:45 - 2014-12-22 02:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-18 14:58 - 2014-12-22 05:52 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2015-05-18 14:58 - 2009-07-13 21:45 - 00020720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-18 14:58 - 2009-07-13 21:45 - 00020720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-18 14:55 - 2009-07-13 22:13 - 00783606 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-18 14:50 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-18 14:49 - 2010-11-20 20:47 - 00181348 _____ () C:\Windows\PFRO.log
2015-05-18 14:49 - 2009-07-13 21:51 - 00042343 _____ () C:\Windows\setupact.log
2015-05-18 14:48 - 2014-12-22 05:36 - 01749969 _____ () C:\Windows\WindowsUpdate.log
2015-05-17 14:38 - 2009-07-13 21:45 - 00519336 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-16 03:59 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2015-05-16 03:01 - 2009-07-13 19:34 - 00000478 _____ () C:\Windows\win.ini
2015-05-16 00:34 - 2014-12-22 05:49 - 00000000 ____D () C:\Program Files\Dell
2015-05-15 15:49 - 2014-12-22 05:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-05-15 15:48 - 2014-12-22 05:50 - 00000000 ____D () C:\ProgramData\PCDr
2015-05-15 15:25 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\AppCompat
2015-05-14 04:27 - 2010-11-21 00:17 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-14 04:27 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\tracing
2015-05-14 04:27 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-05-14 04:27 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-05-14 04:27 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-14 04:27 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-05-14 04:27 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-14 04:11 - 2011-02-10 07:33 - 00775384 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-13 17:45 - 2014-12-22 02:02 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-13 17:45 - 2014-12-22 02:02 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-13 17:45 - 2014-12-22 02:02 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-12 23:05 - 2014-12-22 05:52 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-12 23:05 - 2014-12-22 02:02 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-05-12 23:05 - 2014-12-22 02:02 - 00000000 ____D () C:\Windows\system32\Macromed
2015-05-12 23:05 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\registration
2015-05-12 19:27 - 2014-12-22 05:52 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-12 17:18 - 2010-11-21 00:17 - 00000000 ____D () C:\Windows\ShellNew
2015-05-12 17:13 - 2014-12-22 05:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-05-12 17:12 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-12 17:06 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Help
2015-05-12 14:58 - 2014-12-22 06:00 - 00009730 _____ () C:\Windows\SysWOW64\Gms.log
2015-05-12 14:57 - 2014-12-22 05:59 - 00000000 ____D () C:\ProgramData\Dell
2015-05-12 14:50 - 2011-02-10 07:25 - 00000000 ____D () C:\dell
2015-05-12 13:35 - 2014-12-22 05:44 - 00003718 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-05-12 13:35 - 2014-12-22 05:42 - 00000000 ____D () C:\ProgramData\Intel
2015-05-12 13:29 - 2009-07-13 20:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-12 13:14 - 2011-02-10 07:25 - 00000000 ____D () C:\Windows\panther

==================== Files in the root of some directories =======

2015-05-12 18:47 - 2015-05-12 18:47 - 0000064 _____ () C:\Users\deni\AppData\Local\287820c506664610beee1f1c94e948a2

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-16 03:52

==================== End Of Log ============================


----------



## migolfergirl (Oct 17, 2006)

When I first realized I had a problem with the old computer, I couldn't use Google, and no matter what I did, Yahoo was the search engine. Now I can't get rid of Yahoo on this one..... And I can't seem to uninstall that "K-Lite Codec Pack"


----------



## JSntgRvr (Jul 1, 2003)

Use the *Revo Uninstaller* for K-Lite Codec Pack.

Reset your browsers to default. For instructions see *here*.

Please download the attached file, fixlist.txt, and save it in the same directory as *FRST* in the latest computer.

Start *FRST* with Administrator privileges.
Press the *Fix* button.
When finished, a log file (*Fixlog.txt*) pops up and is saved to the same location the tool was run from.
Please copy and paste its contents in your next reply.


----------



## migolfergirl (Oct 17, 2006)

These are apparently possible left-over files from the uninstall of K-Lite Codec....


----------



## migolfergirl (Oct 17, 2006)

here is the path:

-----HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.evo\OpenWithProgids


----------



## migolfergirl (Oct 17, 2006)

OK.... I got antsy and went ahead and deleted every possible file/key/etc associated with K-Lite Codec. Machine didn't explode and seems to be working fine. I think I'm good.

I downloaded the fixlist.txt to the desktop, drug it to the FRST file on the desktop, clicked FIX, and it says it can't find a fixlist. I've started over 3 times....nothing is working Can you doublecheck that you sent me the right one?

ALSO: Do I need to remove the uninstaller that removed the K-Lite mess??


----------



## migolfergirl (Oct 17, 2006)

I just redid FRST...just in case....

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05-2015
Ran by deni (administrator) on DENI-PC on 19-05-2015 14:47:45
Running from C:\Users\deni\Downloads
Loaded Profiles: deni (Available profiles: deni)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(TODO: <Company name>) C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2008 Deluxe\Planner\PLNRnote.exe
(Creative Home) C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2015 Deluxe\Planner\PLNRnote.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft® Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Works Shared\wkcalrem.exe
(Microsoft® Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Works Shared\WksCal.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell) C:\Program Files\Dell\Dell Data Services\DDSSvc.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Microsoft® Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Works Shared\WksCal.exe
() C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2011 Deluxe\HCS.exe
(Creative Home) C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2008 Deluxe\Hallmark Card Studio 2008.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\imstrayicon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-05-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-02-05] (Intel Corporation)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [8925184 2014-12-22] (Dell Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-01] ()
HKLM-x32\...\Run: [AddressBookReminderApp] => C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2015 Deluxe\ReminderApp.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-13] (Avast Software s.r.o.)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-12-22]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Planner Reminder 2008.lnk [2015-05-12]
ShortcutTarget: Event Planner Reminder 2008.lnk -> C:\Windows\Installer\{747A6A10-DA58-48C2-A1F0-C15514419C8A}\Shortcut_EventPlan_5D0DF1BBD82E4FB2B98E4FDE42EF7EBB.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Planner Reminder.lnk [2015-05-12]
ShortcutTarget: Event Planner Reminder.lnk -> C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2015 Deluxe\Planner\PLNRnote.exe (Creative Home)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk [2015-05-12]
ShortcutTarget: Microsoft Works Calendar Reminders.lnk -> C:\Windows\Installer\{5264E937-B015-11D2-8C0E-00C04FBBCFF9}\A12970B7.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-13] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4289309018-589893681-2597226705-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-4289309018-589893681-2597226705-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-13] (Avast Software s.r.o.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-13] (Avast Software s.r.o.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\deni\AppData\Roaming\Mozilla\Firefox\Profiles\cnn9kzj6.default
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-19] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-19] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4289309018-589893681-2597226705-1000: @citrixonline.com/appdetectorplugin -> C:\Users\deni\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-12] (Citrix Online)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-13]

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-13]
CHR Extension: (Google Docs) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-13]
CHR Extension: (Google Drive) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-13]
CHR Extension: (YouTube) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-13]
CHR Extension: (Google Search) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-13]
CHR Extension: (Google Sheets) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-13]
CHR Extension: (Avast Online Security) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-13]
CHR Extension: (Gmail) - C:\Users\deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-13] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-05-18] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-13] (Avast Software)
R2 Dell Data Services; C:\Program Files\Dell\Dell Data Services\DDSSvc.exe [45936 2014-11-13] (Dell)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [75120 2015-03-04] (Dell)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-02-05] (Intel Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-01-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [224840 2013-05-10] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1921768 2014-07-02] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-04-10] (Dell Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-12-22] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6178304 2014-12-22] (Dell Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-13] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-05-18] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-13] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-05-18] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-13] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-13] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-13] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-13] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-13] ()
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [172760 2014-12-22] (Broadcom Corporation.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-02-26] (Dell Computer Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28656 2013-01-15] (Intel Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2015-05-12] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-13] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-19 14:41 - 2015-05-19 14:41 - 00000373 _____ () C:\Users\deni\Desktop\Fixlist.txt
2015-05-19 14:31 - 2015-05-19 14:31 - 00880208 _____ (Google Inc.) C:\Users\deni\Downloads\ChromeSetup.exe
2015-05-19 12:41 - 2015-05-19 12:41 - 10801480 _____ (VS Revo Group ) C:\Users\deni\Downloads\RevoUninProSetup.exe
2015-05-19 12:35 - 2015-05-19 12:35 - 00000000 ____D () C:\Users\deni\AppData\Local\VS Revo Group
2015-05-19 12:35 - 2015-05-19 12:35 - 00000000 ____D () C:\ProgramData\VS Revo Group
2015-05-19 12:34 - 2015-05-19 12:34 - 10801480 _____ (VS Revo Group ) C:\Users\deni\Desktop\RevoUninProSetup.exe
2015-05-19 00:54 - 2015-05-19 10:24 - 00705805 _____ () C:\Users\deni\Documents\luck to have friend like you.hmk
2015-05-18 16:25 - 2015-05-19 14:47 - 00017527 _____ () C:\Users\deni\Downloads\FRST.txt
2015-05-18 15:01 - 2015-05-19 12:45 - 00000000 ____D () C:\Users\deni\Documents\RECIPES
2015-05-18 14:48 - 2015-05-18 14:48 - 00001984 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2015-05-18 14:48 - 2015-05-18 14:48 - 00001924 _____ () C:\Users\Public\Desktop\Avast Internet Security.lnk
2015-05-18 14:48 - 2015-05-18 14:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-18 14:47 - 2015-05-18 14:47 - 00449896 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-05-18 14:47 - 2015-05-18 14:47 - 00028144 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-05-18 14:47 - 2015-05-13 17:33 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-18 14:37 - 2015-05-18 14:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-18 14:26 - 2015-05-18 14:26 - 00000000 _____ () C:\Users\deni\Desktop\avast_internet_security_setup.exe
2015-05-18 14:25 - 2015-05-18 14:27 - 209372752 _____ (Avast Software s.r.o.) C:\Users\deni\Downloads\avast_internet_security_setup.exe
2015-05-17 14:49 - 2015-05-19 14:39 - 00000000 ____D () C:\Users\deni\Downloads\FRST-OlderVersion
2015-05-17 14:41 - 2015-05-17 14:41 - 00000000 __SHD () C:\Users\deni\AppData\Local\EmieBrowserModeList
2015-05-17 03:00 - 2015-05-17 03:00 - 00288986 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2015-05-16 13:26 - 2015-05-16 13:26 - 00000941 _____ () C:\Users\deni\Documents - Shortcut.lnk
2015-05-16 03:04 - 2015-05-16 03:04 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2015-05-15 16:57 - 2015-05-15 17:27 - 00000000 ____D () C:\ProgramData\SupportAssistAgent
2015-05-15 16:57 - 2015-05-15 16:57 - 00003912 _____ () C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2015-05-15 16:57 - 2015-05-15 16:57 - 00000000 __HDC () C:\ProgramData\{6AACA38B-2810-4B47-BDEC-D7A1F38B1531}
2015-05-15 16:57 - 2015-05-15 16:57 - 00000000 ____D () C:\Program Files (x86)\Dell
2015-05-15 15:49 - 2015-05-19 13:16 - 00003484 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-05-15 15:49 - 2015-05-15 15:49 - 00004024 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-05-15 15:49 - 2015-05-15 15:49 - 00003214 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-05-15 15:49 - 2015-05-15 15:49 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2015-05-15 15:49 - 2015-05-15 15:49 - 00000000 ____D () C:\Program Files\Dell Support Center
2015-05-15 15:34 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-05-15 15:34 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-05-15 15:34 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-05-15 15:34 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-05-15 15:34 - 2014-07-08 19:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-05-15 15:34 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-05-15 15:34 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-05-15 15:34 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-05-15 15:34 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-05-15 15:34 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-05-15 15:26 - 2015-05-15 15:26 - 00001433 _____ () C:\Users\deni\Desktop\FRST64 - Shortcut.lnk
2015-05-15 15:25 - 2015-05-19 14:39 - 02107904 _____ (Farbar) C:\Users\deni\Downloads\FRST64.exe
2015-05-14 04:27 - 2015-05-14 04:32 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-14 04:27 - 2015-05-14 04:27 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-14 04:27 - 2015-05-14 04:27 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-05-14 04:27 - 2015-05-14 04:27 - 00000000 ____D () C:\Windows\system32\appraiser
2015-05-14 04:09 - 2015-01-08 16:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-05-14 04:09 - 2015-01-08 16:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-05-14 03:25 - 2015-05-16 03:04 - 00291212 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2015-05-14 03:14 - 2012-07-25 20:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-05-14 03:14 - 2012-07-25 20:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-05-14 03:14 - 2012-07-25 20:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-05-14 03:14 - 2012-07-25 20:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-05-14 03:14 - 2012-07-25 20:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-05-14 03:14 - 2012-07-25 19:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-05-14 03:14 - 2012-07-25 19:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-05-14 03:14 - 2012-06-02 07:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-05-14 03:09 - 2015-05-01 06:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 03:09 - 2015-05-01 06:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 03:06 - 2014-06-26 19:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-05-14 03:06 - 2014-06-26 18:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-05-14 03:04 - 2015-05-14 03:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2015-05-14 03:04 - 2015-05-14 03:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2015-05-14 03:00 - 2014-06-30 15:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-05-14 03:00 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-05-14 03:00 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-05-14 03:00 - 2014-06-05 23:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-05-14 03:00 - 2014-03-09 14:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-05-14 03:00 - 2014-03-09 14:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-05-14 03:00 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-05-14 03:00 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-05-13 17:35 - 2015-05-13 17:35 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-05-13 17:35 - 2015-05-13 17:35 - 00000000 ____D () C:\Windows\system32\vbox
2015-05-13 17:35 - 2015-05-13 17:35 - 00000000 ____D () C:\Users\deni\AppData\Roaming\AVAST Software
2015-05-13 17:34 - 2015-05-19 13:49 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-13 17:34 - 2015-05-19 12:51 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-13 17:34 - 2015-05-18 15:49 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-13 17:34 - 2015-05-18 14:47 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-13 17:34 - 2015-05-15 15:44 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-13 17:34 - 2015-05-15 15:44 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-13 17:34 - 2015-05-13 17:35 - 00000000 ____D () C:\Users\deni\AppData\Local\Google
2015-05-13 17:34 - 2015-05-13 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-13 17:34 - 2015-05-13 17:34 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-13 17:34 - 2015-05-13 17:33 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-13 17:34 - 2015-05-13 17:33 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-13 17:34 - 2015-05-13 17:33 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-13 17:34 - 2015-05-13 17:33 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-13 17:34 - 2015-05-13 17:33 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-13 17:34 - 2015-05-13 17:33 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-13 17:34 - 2015-05-13 17:33 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-13 17:34 - 2015-05-13 17:33 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-13 17:33 - 2015-05-13 17:33 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-13 17:33 - 2015-05-13 17:33 - 00000000 ____D () C:\Program Files\AVAST Software
2015-05-13 17:32 - 2015-05-13 17:32 - 05473032 _____ (Avast Software s.r.o.) C:\Users\deni\Downloads\avast_free_antivirus_setup_online.exe
2015-05-13 17:32 - 2015-05-13 17:32 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-13 17:29 - 2015-05-13 17:29 - 00001711 _____ () C:\Users\deni\Downloads\license(1).avastlic
2015-05-13 17:13 - 2015-05-13 17:13 - 00001711 _____ () C:\Users\deni\Downloads\license.avastlic
2015-05-13 13:23 - 2015-05-13 13:23 - 00000000 ____D () C:\Users\deni\AppData\Local\NovaRegister
2015-05-13 13:21 - 2015-05-13 13:21 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-05-13 03:16 - 2015-05-04 18:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 03:16 - 2015-05-04 18:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 03:16 - 2015-04-21 19:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 03:16 - 2015-04-21 18:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 03:16 - 2015-04-21 10:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 03:16 - 2015-04-21 10:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 03:16 - 2015-04-21 10:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 03:16 - 2015-04-21 09:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 03:16 - 2015-04-21 09:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 03:16 - 2015-04-21 09:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 03:16 - 2015-04-21 09:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 03:16 - 2015-04-21 09:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 03:16 - 2015-04-21 09:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 03:16 - 2015-04-21 09:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 03:16 - 2015-04-21 09:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 03:16 - 2015-04-21 09:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 03:16 - 2015-04-21 09:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 03:16 - 2015-04-21 09:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 03:16 - 2015-04-21 09:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 03:16 - 2015-04-21 09:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 03:16 - 2015-04-21 09:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 03:16 - 2015-04-21 09:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 03:16 - 2015-04-21 09:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 03:16 - 2015-04-21 09:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 03:16 - 2015-04-21 09:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 03:16 - 2015-04-21 09:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 03:16 - 2015-04-21 09:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 03:16 - 2015-04-21 09:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 03:16 - 2015-04-21 09:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 03:16 - 2015-04-21 09:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 03:16 - 2015-04-21 09:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 03:16 - 2015-04-21 09:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 03:16 - 2015-04-21 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 03:16 - 2015-04-21 09:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 03:16 - 2015-04-21 09:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 03:16 - 2015-04-21 09:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 03:16 - 2015-04-21 09:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 03:16 - 2015-04-21 09:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 03:16 - 2015-04-21 08:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 03:16 - 2015-04-21 08:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 03:16 - 2015-04-21 08:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 03:16 - 2015-04-21 08:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 03:16 - 2015-04-21 08:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 03:16 - 2015-04-21 08:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 03:16 - 2015-04-21 08:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 03:16 - 2015-04-21 08:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 03:16 - 2015-04-21 08:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 03:16 - 2015-04-21 08:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 03:16 - 2015-04-21 08:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 03:16 - 2015-04-21 08:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 03:16 - 2015-04-21 08:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 03:16 - 2015-04-21 08:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 03:16 - 2015-04-21 08:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 03:16 - 2015-04-21 08:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 03:16 - 2015-04-21 08:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 03:16 - 2015-04-21 08:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 03:16 - 2015-04-21 08:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 03:16 - 2015-04-21 08:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 03:16 - 2015-04-21 08:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 03:16 - 2015-04-21 08:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 03:16 - 2015-04-21 07:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 03:16 - 2015-04-21 07:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 03:16 - 2015-04-17 20:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 03:16 - 2015-04-17 19:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 03:16 - 2015-04-12 20:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 03:16 - 2015-01-08 20:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-05-13 03:16 - 2015-01-08 20:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-05-13 03:16 - 2015-01-08 20:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-05-13 03:16 - 2015-01-08 19:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-05-13 03:16 - 2014-12-11 10:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-05-13 03:15 - 2015-04-27 12:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 03:15 - 2015-04-27 12:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 03:15 - 2015-04-27 12:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 03:15 - 2015-04-27 12:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 03:15 - 2015-04-27 12:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 03:15 - 2015-04-27 12:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 03:15 - 2015-04-27 12:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 03:15 - 2015-04-27 12:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 03:15 - 2015-04-27 12:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 03:15 - 2015-04-27 12:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 12:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 03:15 - 2015-04-27 12:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 03:15 - 2015-04-27 12:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 03:15 - 2015-04-27 12:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 03:15 - 2015-04-27 12:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 03:15 - 2015-04-27 12:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 03:15 - 2015-04-27 12:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 03:15 - 2015-04-27 12:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 03:15 - 2015-04-27 12:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 03:15 - 2015-04-27 12:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 03:15 - 2015-04-27 12:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 03:15 - 2015-04-27 12:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 03:15 - 2015-04-27 12:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 03:15 - 2015-04-27 12:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 03:15 - 2015-04-27 12:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 03:15 - 2015-04-27 12:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 03:15 - 2015-04-27 12:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 03:15 - 2015-04-27 12:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 03:15 - 2015-04-27 12:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 03:15 - 2015-04-27 12:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 11:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 03:15 - 2015-04-27 10:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 03:15 - 2015-04-27 10:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 03:15 - 2015-04-27 10:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 10:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 10:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 03:15 - 2015-04-27 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 03:15 - 2015-04-19 20:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 03:15 - 2015-04-19 20:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 03:15 - 2015-04-19 19:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 03:15 - 2015-04-19 19:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 03:15 - 2015-02-19 21:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-05-13 03:15 - 2015-02-19 21:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-05-13 03:15 - 2015-02-19 21:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-05-13 03:15 - 2015-02-19 21:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-05-13 03:15 - 2015-02-19 21:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-05-13 03:15 - 2015-02-19 21:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-05-13 03:15 - 2015-02-19 21:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-05-13 03:15 - 2015-02-19 21:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-05-13 03:15 - 2015-02-19 20:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-05-13 03:15 - 2015-02-19 20:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-05-13 03:15 - 2015-02-02 20:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-05-13 03:15 - 2015-02-02 20:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-05-13 03:15 - 2015-02-02 20:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-05-13 03:15 - 2015-02-02 20:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-05-13 03:15 - 2015-02-02 20:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-05-13 03:15 - 2015-02-02 20:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-05-13 03:15 - 2015-02-02 20:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-05-13 03:15 - 2015-02-02 20:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-05-13 03:15 - 2015-02-02 20:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-05-13 03:15 - 2015-02-02 20:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-05-13 03:15 - 2015-02-02 20:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-05-13 03:15 - 2015-02-02 20:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-05-13 03:15 - 2015-02-02 20:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-05-13 03:15 - 2015-02-02 20:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-05-13 03:15 - 2015-02-02 20:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-05-13 03:15 - 2015-02-02 20:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-05-13 03:15 - 2015-02-02 20:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-05-13 03:15 - 2015-02-02 20:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-05-13 03:15 - 2015-02-02 20:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-05-13 03:15 - 2015-02-02 20:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-05-13 03:15 - 2015-02-02 20:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-05-13 03:15 - 2015-02-02 20:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-05-13 03:15 - 2015-02-02 20:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-05-13 03:15 - 2015-02-02 20:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-05-13 03:15 - 2015-02-02 19:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-05-13 03:15 - 2014-12-18 20:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-05-13 03:15 - 2014-10-31 15:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-05-13 03:15 - 2014-08-01 04:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-05-13 03:15 - 2014-08-01 04:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-05-13 03:15 - 2014-06-27 17:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-05-13 03:15 - 2014-06-27 17:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-05-13 03:15 - 2014-06-18 15:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-05-13 03:15 - 2014-06-18 15:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-05-13 03:15 - 2014-06-18 15:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-05-13 03:15 - 2014-06-18 15:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-05-13 03:15 - 2014-06-18 15:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-05-13 03:15 - 2014-06-18 15:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-05-13 03:14 - 2015-04-07 20:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 03:14 - 2015-04-07 20:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 03:14 - 2015-04-07 20:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-05-13 03:14 - 2015-03-24 20:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-05-13 03:14 - 2015-03-24 20:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-05-13 03:14 - 2015-03-24 20:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-05-13 03:14 - 2015-03-24 20:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-05-13 03:14 - 2015-03-24 20:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-05-13 03:14 - 2015-03-24 20:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-05-13 03:14 - 2015-03-24 20:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-05-13 03:14 - 2015-03-24 20:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-05-13 03:14 - 2015-03-24 20:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-05-13 03:14 - 2015-03-22 20:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-05-13 03:14 - 2015-03-22 20:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-05-13 03:14 - 2015-03-22 20:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-05-13 03:14 - 2015-03-22 20:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-05-13 03:14 - 2015-03-22 20:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-05-13 03:14 - 2015-03-22 20:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-05-13 03:14 - 2015-03-22 20:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-05-13 03:14 - 2015-03-22 20:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-05-13 03:14 - 2015-02-12 22:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-05-13 03:14 - 2015-02-12 22:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-05-13 03:14 - 2015-02-02 20:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-05-13 03:14 - 2015-02-02 20:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-05-13 03:14 - 2015-01-28 20:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 03:14 - 2015-01-28 20:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-13 03:14 - 2015-01-27 16:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-05-13 03:14 - 2014-12-18 18:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-05-13 03:14 - 2014-12-05 21:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-05-13 03:14 - 2014-12-05 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-05-13 03:14 - 2014-12-05 20:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-05-13 03:14 - 2014-10-13 19:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-05-13 03:14 - 2014-06-23 20:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-05-13 03:14 - 2014-06-23 19:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-05-13 03:13 - 2015-03-09 20:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-05-13 03:13 - 2015-03-09 20:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-05-13 03:13 - 2015-03-09 20:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-05-13 03:13 - 2015-03-09 20:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-05-13 03:13 - 2015-03-04 22:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-05-13 03:13 - 2015-03-04 21:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-05-13 03:13 - 2015-02-24 20:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-05-13 03:13 - 2015-02-18 00:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 03:13 - 2015-02-18 00:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 03:13 - 2015-01-30 16:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-13 03:13 - 2014-11-25 20:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-05-13 03:13 - 2014-11-25 20:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-05-13 03:13 - 2014-11-10 20:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-05-13 03:13 - 2014-11-10 19:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-05-13 03:13 - 2014-11-10 18:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-05-13 03:13 - 2014-10-03 19:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-05-13 03:13 - 2014-10-03 18:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-05-13 03:13 - 2014-10-03 18:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-05-13 03:13 - 2014-08-11 19:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-05-13 03:13 - 2014-08-11 18:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-05-13 03:13 - 2014-06-15 19:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-05-13 03:12 - 2015-03-03 21:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-05-13 03:12 - 2015-03-03 21:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 03:12 - 2015-03-03 21:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-05-13 03:12 - 2015-03-03 21:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 03:12 - 2015-03-03 21:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 03:12 - 2015-03-03 21:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 03:12 - 2015-03-03 21:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 03:12 - 2015-03-03 21:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 03:12 - 2015-03-03 21:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-05-13 03:12 - 2015-03-03 21:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 03:12 - 2015-02-02 20:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-05-13 03:12 - 2015-02-02 20:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-05-13 03:12 - 2015-01-16 19:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-05-13 03:12 - 2015-01-16 19:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-05-13 03:12 - 2014-12-07 20:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-05-13 03:12 - 2014-12-07 19:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-05-13 03:12 - 2014-11-07 20:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-05-13 03:12 - 2014-11-07 19:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-05-13 03:12 - 2014-10-29 19:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-05-13 03:12 - 2014-10-29 18:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-05-13 03:12 - 2014-10-24 18:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-05-13 03:12 - 2014-10-24 18:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-05-13 03:12 - 2014-10-13 19:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-05-13 03:12 - 2014-10-13 18:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-05-13 03:12 - 2014-10-02 19:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-05-13 03:12 - 2014-10-02 19:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-05-13 03:12 - 2014-10-02 19:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-05-13 03:12 - 2014-10-02 19:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-05-13 03:12 - 2014-10-02 19:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-05-13 03:12 - 2014-10-02 18:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-05-13 03:12 - 2014-10-02 18:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-05-13 03:12 - 2014-10-02 18:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-05-13 03:12 - 2014-10-02 18:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-05-13 03:12 - 2014-10-02 18:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-05-13 03:12 - 2014-09-03 22:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-05-13 03:12 - 2014-09-03 22:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-05-13 03:12 - 2014-07-16 19:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-05-13 03:12 - 2014-07-16 19:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-05-13 03:12 - 2014-07-16 19:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-05-13 03:12 - 2014-07-16 19:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-05-13 03:12 - 2014-07-16 18:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-05-13 03:12 - 2014-07-16 18:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-05-13 03:12 - 2014-07-16 18:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-05-13 03:12 - 2014-07-16 18:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-05-13 03:12 - 2014-06-03 03:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-05-13 03:12 - 2014-06-03 03:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-05-13 03:12 - 2014-06-03 03:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-05-13 03:12 - 2014-06-03 02:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-05-13 03:12 - 2014-06-03 02:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-05-13 03:12 - 2011-02-18 03:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2015-05-13 03:12 - 2011-02-17 22:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2015-05-13 03:11 - 2015-02-03 20:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-05-13 03:11 - 2015-02-03 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-05-13 03:11 - 2014-07-13 19:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-05-13 03:11 - 2014-07-13 18:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-05-12 20:32 - 2015-05-19 14:47 - 00000000 ____D () C:\FRST
2015-05-12 20:32 - 2015-05-15 15:29 - 00025058 _____ () C:\Users\deni\Downloads\Addition.txt
2015-05-12 19:33 - 2015-05-12 19:34 - 00009580 _____ () C:\Users\deni\Downloads\hijackthis.log
2015-05-12 19:25 - 2015-05-12 19:25 - 02204160 _____ () C:\Users\deni\Downloads\adwcleaner_4.203.exe
2015-05-12 19:25 - 2015-05-12 19:25 - 00000000 ____D () C:\AdwCleaner
2015-05-12 18:50 - 2015-05-12 18:51 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-05-12 18:47 - 2015-05-12 19:19 - 00000000 ____D () C:\Users\deni\Documents\ProPCCleaner
2015-05-12 18:47 - 2015-05-12 18:47 - 00000064 _____ () C:\Users\deni\AppData\Local\287820c506664610beee1f1c94e948a2
2015-05-12 18:34 - 2015-05-12 18:34 - 00000000 ____D () C:\Users\deni\AppData\Local\Macromedia
2015-05-12 18:30 - 2015-05-19 14:32 - 00000000 ____D () C:\Users\deni\AppData\Local\Adobe
2015-05-12 17:50 - 2015-05-12 17:50 - 00000000 ____D () C:\Users\deni\Documents\Migration Lost and Found
2015-05-12 17:31 - 2015-05-12 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Digital Image Suite 2006
2015-05-12 17:29 - 2015-05-12 23:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft Digital Image 2006
2015-05-12 17:29 - 2005-03-23 22:55 - 00083524 ____R () C:\Windows\Enviro.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00070280 ____R () C:\Windows\Maiandit.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00068996 ____R () C:\Windows\RUNICCN.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00067648 ____R () C:\Windows\MATISSE_.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00065724 ____R () C:\Windows\PARADE.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00060716 ____R () C:\Windows\maiandb.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00055812 ____R () C:\Windows\PEPITA.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00049932 ____R () C:\Windows\OCRB.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00044304 ____R () C:\Windows\EUROSTIB.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00043704 ____R () C:\Windows\EUROSTI.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00041952 ____R () C:\Windows\PLACCOND.tt2
2015-05-12 17:29 - 2005-03-23 22:55 - 00035740 ____R () C:\Windows\KINO.tt2
2015-05-12 17:28 - 2005-03-23 22:55 - 00101336 ____R () C:\Windows\EDDA.tt2
2015-05-12 17:28 - 2005-03-23 22:55 - 00070324 ____R () C:\Windows\Andyb.tt2
2015-05-12 17:28 - 2005-03-23 22:55 - 00043512 ____R () C:\Windows\Beesknee.tt2
2015-05-12 17:28 - 2005-03-23 22:55 - 00039472 ____R () C:\Windows\BRAGGA.tt2
2015-05-12 17:27 - 2015-05-12 17:27 - 00001755 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-05-12 17:27 - 2015-05-12 17:27 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Apple Computer
2015-05-12 17:27 - 2015-05-12 17:27 - 00000000 ____D () C:\Users\deni\AppData\Local\Apple Computer
2015-05-12 17:27 - 2015-05-12 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-12 17:27 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-05-12 17:26 - 2015-05-12 17:27 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-12 17:26 - 2015-05-12 17:27 - 00000000 ____D () C:\Program Files\iTunes
2015-05-12 17:26 - 2015-05-12 17:26 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\Users\deni\AppData\Local\Apple
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\Program Files\iPod
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-05-12 17:26 - 2015-05-12 17:26 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-05-12 17:25 - 2015-05-12 17:26 - 00000000 ____D () C:\ProgramData\Apple
2015-05-12 17:25 - 2015-05-12 17:26 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-12 17:25 - 2015-05-12 17:25 - 00000000 ____D () C:\Program Files\Bonjour
2015-05-12 17:25 - 2015-05-12 17:25 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-05-12 17:24 - 2015-05-12 17:24 - 152362800 _____ (Apple Inc.) C:\Users\deni\Downloads\iTunes6464Setup.exe
2015-05-12 17:18 - 2015-05-12 17:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2015-05-12 17:14 - 2015-05-14 03:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2015-05-12 17:14 - 2015-05-12 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-05-12 17:13 - 2015-05-12 17:13 - 00000000 ____D () C:\Windows\PCHEALTH
2015-05-12 17:11 - 2015-05-16 03:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-12 17:11 - 2015-05-12 17:11 - 00000000 ____D () C:\Users\deni\AppData\Local\Microsoft Help
2015-05-12 17:11 - 2015-05-12 17:11 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-05-12 17:10 - 2015-05-12 17:10 - 00000000 __RHD () C:\MSOCache
2015-05-12 17:06 - 2015-05-12 17:06 - 00001848 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Greetings 2000.lnk
2015-05-12 17:06 - 2015-05-12 17:06 - 00001836 _____ () C:\Users\Public\Desktop\Microsoft Greetings 2000.lnk
2015-05-12 17:06 - 2015-05-12 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2015-05-12 17:06 - 2015-05-12 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Clip Gallery
2015-05-12 17:05 - 2015-05-12 17:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Home Publishing 2000
2015-05-12 16:53 - 2015-05-19 10:16 - 00000000 ____D () C:\Users\deni\AppData\Local\Creative Home
2015-05-12 16:53 - 2015-05-12 16:53 - 00000000 ____D () C:\Users\deni\AppData\Local\HCSShell
2015-05-12 16:53 - 2015-05-12 16:53 - 00000000 ____D () C:\Users\deni\AppData\Local\Avanquest North America
2015-05-12 16:50 - 2015-05-12 16:50 - 00185664 _____ (Dell) C:\Users\deni\Downloads\cutil.exe
2015-05-12 16:39 - 2015-05-12 16:52 - 00002444 _____ () C:\Users\Public\Desktop\Hallmark Card Studio 2015 Deluxe.lnk
2015-05-12 16:39 - 2015-05-12 16:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2015-05-12 16:39 - 2015-05-12 16:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-05-12 15:22 - 2015-05-12 15:22 - 00002444 _____ () C:\Users\Public\Desktop\Hallmark Card Studio 2011 Deluxe.lnk
2015-05-12 15:01 - 2015-05-15 15:48 - 00000000 ____D () C:\Users\deni\AppData\Roaming\PCDr
2015-05-12 14:59 - 2015-05-12 14:59 - 11305624 _____ (Dell Inc.) C:\Users\deni\Downloads\XPS-8700_Chipset_Driver_21Y1M_WN_9.4.0.1016_A00.EXE
2015-05-12 14:58 - 2015-05-12 14:58 - 60349104 _____ (Dell Inc.) C:\Users\deni\Downloads\XPS-8700_Chipset_Driver_Y22PK_WN_9.0.0.1310_A00.EXE
2015-05-12 14:58 - 2015-05-12 14:58 - 00000000 ____D () C:\Users\deni\AppData\Local\softthinks
2015-05-12 14:58 - 2015-05-12 14:58 - 00000000 ____D () C:\ProgramData\softthinks
2015-05-12 14:58 - 2015-03-24 11:00 - 00112128 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2015-05-12 14:58 - 2015-02-28 09:22 - 03571200 _____ (x264vfw project) C:\Windows\system32\x264vfw64.dll
2015-05-12 14:58 - 2015-02-28 09:21 - 03591680 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2015-05-12 14:58 - 2015-02-24 16:37 - 00655872 _____ () C:\Windows\SysWOW64\xvidcore.dll
2015-05-12 14:58 - 2015-02-24 16:37 - 00240128 _____ () C:\Windows\SysWOW64\xvidvfw.dll
2015-05-12 14:58 - 2014-11-14 07:12 - 00254976 _____ () C:\Windows\system32\xvidvfw.dll
2015-05-12 14:58 - 2014-11-13 08:05 - 00729088 _____ () C:\Windows\system32\xvidcore.dll
2015-05-12 14:58 - 2014-08-12 20:19 - 00000113 ____H () C:\DBAR_Ver.txt
2015-05-12 14:58 - 2013-01-24 06:57 - 00064624 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2015-05-12 14:58 - 2012-07-21 04:55 - 00180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2015-05-12 14:58 - 2012-07-21 04:54 - 00122880 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2015-05-12 14:58 - 2011-12-07 11:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2015-05-12 14:58 - 2011-12-07 11:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2015-05-12 14:56 - 2015-05-12 14:56 - 20595384 _____ (Dell Inc.) C:\Users\deni\Downloads\XPS-8700_Chipset_Driver_F81X8_WN_2.5.0.19_A02.EXE
2015-05-12 14:52 - 2015-05-12 14:52 - 00000000 ____D () C:\Users\deni\AppData\Roaming\DropboxOEM
2015-05-12 14:48 - 2015-05-12 14:48 - 00031152 _____ () C:\Windows\system32\Drivers\pmxdrv.sys
2015-05-12 14:47 - 2015-05-12 14:47 - 13942144 _____ () C:\Users\deni\Downloads\XPS_8700_BIOS_A10.EXE
2015-05-12 14:43 - 2015-05-12 14:43 - 00000062 _____ () C:\SerialNumber.txt
2015-05-12 14:39 - 2015-05-12 14:39 - 00000000 ____D () C:\ProgramData\Citrix
2015-05-12 14:39 - 2015-05-12 14:39 - 00000000 ____D () C:\Program Files (x86)\Citrix
2015-05-12 14:38 - 2015-05-18 15:54 - 00000000 ____D () C:\Users\deni\AppData\Local\Citrix
2015-05-12 14:14 - 2015-05-12 14:14 - 00002270 _____ () C:\Users\Public\Desktop\Hallmark Card Studio 2006.lnk
2015-05-12 14:14 - 2015-05-12 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative Home
2015-05-12 13:51 - 2015-05-19 10:18 - 00000027 _____ () C:\Users\deni\Documents\Hallmark Card Studio 2008.txt
2015-05-12 13:51 - 2015-05-12 14:01 - 00000000 ____D () C:\ProgramData\Creative Home
2015-05-12 13:50 - 2015-05-12 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hallmark
2015-05-12 13:50 - 2015-05-12 13:50 - 00002787 _____ () C:\Users\Public\Desktop\Hallmark Card Studio 2008 Deluxe.lnk
2015-05-12 13:46 - 2015-05-12 16:18 - 00000000 ____D () C:\Program Files (x86)\Creative Home
2015-05-12 13:42 - 2015-05-18 14:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-12 13:42 - 2015-05-12 13:42 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-12 13:42 - 2015-05-12 13:42 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-12 13:42 - 2015-05-12 13:42 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Mozilla
2015-05-12 13:42 - 2015-05-12 13:42 - 00000000 ____D () C:\Users\deni\AppData\Local\Mozilla
2015-05-12 13:42 - 2015-05-12 13:42 - 00000000 ____D () C:\ProgramData\Mozilla
2015-05-12 13:41 - 2015-05-12 13:41 - 00000000 __SHD () C:\Users\deni\AppData\Local\EmieUserList
2015-05-12 13:41 - 2015-05-12 13:41 - 00000000 __SHD () C:\Users\deni\AppData\Local\EmieSiteList
2015-05-12 13:34 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\deni\Documents\Bluetooth Exchange Folder
2015-05-12 13:34 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Intel Corporation
2015-05-12 13:34 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Dell
2015-05-12 13:34 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\deni\AppData\Local\DropboxOEM
2015-05-12 13:34 - 2015-05-12 13:34 - 00000000 ____D () C:\Users\deni\AppData\Local\Broadcom
2015-05-12 13:33 - 2015-05-19 10:25 - 00000000 ____D () C:\Users\deni\AppData\Local\VirtualStore
2015-05-12 13:33 - 2015-05-12 13:33 - 00001415 _____ () C:\Users\deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-12 13:31 - 2015-05-13 17:07 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Adobe
2015-05-12 13:31 - 2015-05-12 13:31 - 00000000 ____D () C:\Users\deni\AppData\Roaming\Macromedia
2015-05-12 13:30 - 2015-05-15 15:24 - 00160856 _____ () C:\Users\deni\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-12 13:30 - 2015-05-12 13:30 - 00001975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
2015-05-12 13:30 - 2015-05-12 13:30 - 00000020 ___SH () C:\Users\deni\ntuser.ini
2015-05-12 13:30 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-12 13:30 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-12 13:29 - 2015-05-16 13:26 - 00000000 ____D () C:\Users\deni

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-19 14:45 - 2014-12-22 02:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-19 14:23 - 2014-12-22 02:02 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-19 14:23 - 2014-12-22 02:02 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-19 14:23 - 2014-12-22 02:02 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-19 13:24 - 2014-12-22 05:36 - 01917787 _____ () C:\Windows\WindowsUpdate.log
2015-05-18 14:58 - 2014-12-22 05:52 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2015-05-18 14:58 - 2009-07-13 21:45 - 00020720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-18 14:58 - 2009-07-13 21:45 - 00020720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-18 14:55 - 2009-07-13 22:13 - 00783606 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-18 14:50 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-18 14:49 - 2010-11-20 20:47 - 00181348 _____ () C:\Windows\PFRO.log
2015-05-18 14:49 - 2009-07-13 21:51 - 00042343 _____ () C:\Windows\setupact.log
2015-05-17 14:38 - 2009-07-13 21:45 - 00519336 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-16 03:59 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2015-05-16 03:01 - 2009-07-13 19:34 - 00000478 _____ () C:\Windows\win.ini
2015-05-16 00:34 - 2014-12-22 05:49 - 00000000 ____D () C:\Program Files\Dell
2015-05-15 15:49 - 2014-12-22 05:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-05-15 15:48 - 2014-12-22 05:50 - 00000000 ____D () C:\ProgramData\PCDr
2015-05-15 15:25 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\AppCompat
2015-05-14 04:27 - 2010-11-21 00:17 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-14 04:27 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\tracing
2015-05-14 04:27 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-05-14 04:27 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-05-14 04:27 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-14 04:27 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-05-14 04:27 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-14 04:11 - 2011-02-10 07:33 - 00775384 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-12 23:05 - 2014-12-22 05:52 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-12 23:05 - 2014-12-22 02:02 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-05-12 23:05 - 2014-12-22 02:02 - 00000000 ____D () C:\Windows\system32\Macromed
2015-05-12 23:05 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\registration
2015-05-12 19:27 - 2014-12-22 05:52 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-12 17:18 - 2010-11-21 00:17 - 00000000 ____D () C:\Windows\ShellNew
2015-05-12 17:13 - 2014-12-22 05:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-05-12 17:12 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-12 17:06 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Help
2015-05-12 14:58 - 2014-12-22 06:00 - 00009730 _____ () C:\Windows\SysWOW64\Gms.log
2015-05-12 14:57 - 2014-12-22 05:59 - 00000000 ____D () C:\ProgramData\Dell
2015-05-12 14:50 - 2011-02-10 07:25 - 00000000 ____D () C:\dell
2015-05-12 13:35 - 2014-12-22 05:44 - 00003718 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-05-12 13:35 - 2014-12-22 05:42 - 00000000 ____D () C:\ProgramData\Intel
2015-05-12 13:29 - 2009-07-13 20:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-12 13:14 - 2011-02-10 07:25 - 00000000 ____D () C:\Windows\panther

==================== Files in the root of some directories =======

2015-05-12 18:47 - 2015-05-12 18:47 - 0000064 _____ () C:\Users\deni\AppData\Local\287820c506664610beee1f1c94e948a2

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-16 03:52

==================== End Of Log ============================


----------



## migolfergirl (Oct 17, 2006)

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05-2015
Ran by deni at 2015-05-19 14:48:09
Running from C:\Users\deni\Downloads
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-4289309018-589893681-2597226705-500 - Administrator - Disabled)
deni (S-1-5-21-4289309018-589893681-2597226705-1000 - Administrator - Enabled) => C:\Users\deni
Guest (S-1-5-21-4289309018-589893681-2597226705-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4289309018-589893681-2597226705-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader XI MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.)
Dell Data Services (HKLM\...\{90F9BFC9-A2A9-403F-9A40-1063FAD035BA}) (Version: 1.1.6.0 - Dell Inc.)
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Foundation Services (HKLM\...\{76966FD2-4189-41F1-9CF6-9D177B4DEC97}) (Version: 2.0.42.1 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.81 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.3.60494 - Dell)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.30.223.228 - Dell Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hallmark Card Studio 2006 Deluxe (HKLM-x32\...\{3B901CB2-9DAF-43FC-BDD2-4149AF19381C}) (Version: 7.0.0.15 - Creative Home)
Hallmark Card Studio 2008 Deluxe (HKLM-x32\...\{747A6A10-DA58-48C2-A1F0-C15514419C8A}) (Version: 9.0.0.9 - Creative Home)
Hallmark Card Studio 2011 Deluxe (HKLM-x32\...\{62687EAC-F27D-49AC-A0E2-3899B0459113}) (Version: 12.0.1.7 - Hallmark Software)
Hallmark Card Studio 2015 Deluxe (HKLM-x32\...\{F2117332-1A36-4D3B-854D-A8D10735B4DF}) (Version: 16.0.0.10 - Creative Home)
Intel(R) Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.2.1001 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{AD6B46F2-FE21-496F-BE90-BE19AABE353C}) (Version: 2.2.12 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Digital Image Suite 2006 (HKLM-x32\...\PictureItSuite_v11) (Version: 11.0.0422 - Microsoft Corporation)
Microsoft Greetings 2000 (HKLM-x32\...\{5264E937-B015-11D2-8C0E-00C04FBBCFF9}) (Version: 4.0.0000 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5600 - Broadcom Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

12-05-2015 13:30:02 Windows Update
12-05-2015 13:45:53 Installed Hallmark Card Studio 2008 Deluxe.
12-05-2015 13:54:23 Installed Hallmark Card Studio 2006 Deluxe
12-05-2015 15:12:36 Installed Hallmark Card Studio 2011 Deluxe.
12-05-2015 16:03:39 Installed Hallmark Card Studio 2015 Deluxe.
12-05-2015 16:18:00 Installed Hallmark Card Studio 2015 Deluxe.
12-05-2015 17:04:53 Installed Microsoft Greetings 2000
12-05-2015 17:10:44 Installed Microsoft Office Professional 2007
12-05-2015 17:15:26 Configured Microsoft Office Professional 2007
12-05-2015 17:26:06 Installed iTunes
12-05-2015 17:28:48 Installed Microsoft Digital Image Suite 2006 Editor
12-05-2015 17:31:59 Installed Microsoft Digital Image Suite 2006 Library
12-05-2015 17:46:42 Installed IntelliMover
12-05-2015 18:50:34 Removed Citrix Online Launcher
12-05-2015 18:51:28 Removed IntelliMover
12-05-2015 19:16:57 Removed UpdateAdmin
12-05-2015 23:03:51 Restore Operation
13-05-2015 17:33:09 avast! antivirus system restore point
14-05-2015 03:00:17 Windows Update
16-05-2015 03:00:13 Windows Update
17-05-2015 03:00:11 Windows Update
18-05-2015 14:46:02 avast! antivirus system restore point
18-05-2015 14:47:55 Device Driver Package Install: Avast Network Service
18-05-2015 15:54:05 Removed Citrix Online Launcher
19-05-2015 12:36:55 Revo Uninstaller Pro's restore point - Revo Uninstaller Pro 3.1.2
19-05-2015 12:42:06 Revo Uninstaller Pro's restore point - K-Lite Codec Pack
19-05-2015 12:44:22 Revo Uninstaller Pro's restore point - K-Lite Mega Codec Pack 11.0.5

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2015-03-27 14:56 - 00000732 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1A0AD66F-F28C-4321-8208-FCA2FDCFC787} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {25D51728-8BB7-4228-92A1-E8AE6FF823BB} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {2C54E981-DF5B-4F18-B2C1-4DB2F462113A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-01-16] ()
Task: {4B31AB15-17CA-40C6-922B-F20BA65842DB} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-03-20] (PC-Doctor, Inc.)
Task: {541377D5-0BE5-4076-AE4D-DC79CCD34728} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {8F76B52B-177F-4FE7-B698-F7DE38C4B47E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-13] (Google Inc.)
Task: {9A94E82E-8BB3-4341-A20C-DE179ADBD904} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {A557D1BC-F1AA-485C-95AD-33CC345CF22E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AADF904B-C178-403D-882A-5DF46B721F45} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-03-20] (PC-Doctor, Inc.)
Task: {BE32FFFD-8DE6-4AA2-AFFB-29581E10662F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-13] (Google Inc.)
Task: {D88380FB-D37F-4616-93B0-64C31F766E08} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-13] (Avast Software s.r.o.)
Task: {DCEE23FE-231D-49CC-8676-7DEEC36B89A1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-19] (Adobe Systems Incorporated)
Task: {E21E096E-C011-4837-A635-D91853A3CD7A} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {ED43A5FB-0889-450A-A28A-BE9432A11803} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-04-10] (Dell Inc.)
Task: {FDB48244-E14A-4BA1-97AE-75C724E0A044} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-01-16] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-12-22 05:36 - 2014-01-07 17:48 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-22 05:52 - 2014-06-04 00:02 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2014-12-22 05:52 - 2014-06-04 00:02 - 00019744 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2014-12-22 05:52 - 2014-06-04 00:03 - 00035104 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRShellExtension.dll
2014-09-01 20:40 - 2014-09-01 20:40 - 00462160 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
2015-03-04 15:39 - 2015-03-04 15:39 - 00074168 _____ () C:\Program Files\Dell\Dell Foundation Services\Dell.Notification.Agent.Plugins.SinkEngine.dll
2015-03-04 15:39 - 2015-03-04 15:39 - 00045480 _____ () C:\Program Files\Dell\Dell Foundation Services\Dell.Notification.SinkEngine.Common.dll
2015-03-04 15:39 - 2015-03-04 15:39 - 00036280 _____ () C:\Program Files\Dell\Dell Foundation Services\Dell.Notification.SinkEngine.Configuration.dll
2014-12-22 05:52 - 2014-07-02 06:55 - 00487144 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2010-12-20 15:31 - 2010-12-20 15:31 - 09343360 _____ () C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2011 Deluxe\HCS.exe
2015-05-15 15:48 - 2015-02-25 15:22 - 00107256 _____ () C:\Program Files\Dell\SupportAssist\libCSharpCommonCS.dll
2015-05-15 15:48 - 2015-02-25 15:22 - 00545528 _____ () C:\Program Files\Dell\SupportAssist\libAsapiCSharp.dll
2015-05-13 17:33 - 2015-05-13 17:33 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-13 17:33 - 2015-05-13 17:33 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-18 10:58 - 2015-05-18 10:58 - 02929664 _____ () C:\Program Files\AVAST Software\Avast\defs\15051801\algo.dll
2015-05-19 12:37 - 2015-05-19 12:37 - 02929664 _____ () C:\Program Files\AVAST Software\Avast\defs\15051901\algo.dll
2014-09-01 20:40 - 2014-09-01 20:40 - 00214352 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\Ledger.dll
2014-09-01 20:40 - 2014-09-01 20:40 - 00114000 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\zlib1.dll
2015-05-13 17:33 - 2015-05-13 17:33 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-09 23:30 - 2014-04-09 23:30 - 00134664 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2015-05-12 14:58 - 2013-01-24 06:57 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-12-22 05:52 - 2014-07-30 02:37 - 01906464 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2014-12-22 05:52 - 2012-11-25 08:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2014-12-22 05:52 - 2012-11-25 08:19 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
2010-12-20 15:31 - 2010-12-20 15:31 - 00056744 _____ () C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2011 Deluxe\UserExperienceRecorder.dll
2010-12-20 15:31 - 2010-12-20 15:31 - 00099216 _____ () C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2011 Deluxe\MonetEngine.dll
2010-12-20 15:30 - 2010-12-20 15:30 - 00634248 _____ () C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2011 Deluxe\HaruPDF.dll
2010-12-20 15:31 - 2010-12-20 15:31 - 00031128 _____ () C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2011 Deluxe\MonetFramework.dll
2010-12-20 15:31 - 2010-12-20 15:31 - 00099208 _____ () C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2011 Deluxe\MonetData.dll
2010-12-20 15:30 - 2010-12-20 15:30 - 00016264 _____ () C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2011 Deluxe\AexReader.dll
2007-10-03 08:55 - 2007-10-03 08:55 - 01811808 _____ () C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2008 Deluxe\PDFTronDLL.dll
2007-10-03 08:55 - 2007-10-03 08:55 - 01185120 _____ () C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2008 Deluxe\WPFHomePage.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "DisplayName"="Dell"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "ErrorControl"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "ImagePath"="C:\Program Files\Dell\Click 2 Fix+\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "ObjectName"="LocalSystem"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "Start"="2"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "Type"="272"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+\Parameters => "Application"="C:\Program Files\Dell\Click 2 Fix+\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+\Parameters => "AppParameters"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

HKU\S-1-5-21-4289309018-589893681-2597226705-1000\Software\Classes\.exe: => <===== ATTENTION!

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4289309018-589893681-2597226705-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\deni\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{0E5EA1AD-20D7-432B-B810-8FBAC6C53CE3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FC4D6D66-9B02-4A92-8DE9-7924308F2665}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A020AA5F-BFFB-45A6-A826-2CCF06B7F7D3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{831FA807-C5AF-4632-AADD-4B1D8E6D027F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{44EF1F9F-4D1C-4A42-9BC5-10C0503DEB3B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{08B4D39D-2472-46C0-A45F-42B38B654330}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F99AC4B2-2001-41FF-972D-DE7A09FCB87F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{AAE0DEF9-C6BE-4B5D-8DE9-4012F336CE91}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4D2949BB-A9CE-4472-B6DB-3EB098BEE052}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{0DD2883F-682E-49EE-8A2C-1E14DD7A5B20}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (05/19/2015 02:39:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 38.0.1.5611, time stamp: 0x55541a90
Faulting module name: mozalloc.dll, version: 38.0.1.5611, time stamp: 0x55540a1e
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0x1e9c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (05/18/2015 02:50:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/17/2015 02:56:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/17/2015 02:48:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/17/2015 02:38:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/17/2015 02:34:27 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: a7f42014

Error: (05/17/2015 02:33:27 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: a7f42014

Error: (05/17/2015 02:32:27 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: a7f42014

Error: (05/17/2015 02:31:27 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: a7f42014

Error: (05/17/2015 02:30:27 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: a7f42014

System errors:
=============
Error: (05/18/2015 02:48:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.

Error: (05/18/2015 02:48:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.

Error: (05/18/2015 02:48:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (05/18/2015 02:48:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (05/17/2015 02:55:24 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.

Error: (05/17/2015 02:55:24 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.

Error: (05/17/2015 02:55:24 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (05/17/2015 02:55:24 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (05/17/2015 02:47:02 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.

Error: (05/17/2015 02:47:02 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 36%
Total physical RAM: 8143.22 MB
Available physical RAM: 5150.79 MB
Total Pagefile: 16284.65 MB
Available Pagefile: 12566.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:919.74 GB) (Free:802.77 GB) NTFS
Drive y: (RECOVERY) (Fixed) (Total:11.73 GB) (Free:3.39 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 5498EDD3)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=11.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=919.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================


----------



## JSntgRvr (Jul 1, 2003)

Don't worry about the registry. Those entries are part of the computer's CASHE and file associations. We just have to remove related folders to K-Lite. That will neutralize the application. Do not use Registry Cleaners. These produce more problems than benefits.

Please download the attached file, fixlist.txt, and save it in the same directory as *FRST* in the latest computer. Don't drag it into FRST. Just save the file in the same location FRST is saved.

Start *FRST* with Administrator privileges.
Press the *Fix* button.
When finished, a log file (*Fixlog.txt*) pops up and is saved to the same location the tool was run from.
Please copy and paste its contents in your next reply.


----------



## migolfergirl (Oct 17, 2006)

J, I've used FRST before, and never had an issue running the fixlist. I just keep getting the file not found error. They are side by side on the desktop. I'm running as administrator, etc. No luck.

HELP!!


----------



## migolfergirl (Oct 17, 2006)

OOOPS! Sorry. I did some digging and it turned out the FRST file on the desktop was not the one associated with the fixlist. All is good.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-05-2015
Ran by deni at 2015-05-20 09:01:05 Run:3
Running from C:\Users\deni\Desktop
Loaded Profiles: deni (Available profiles: deni)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.)
C:\Windows\System32\DRIVERS\mfencrk.sys
SearchScopes: HKU\S-1-5-21-4289309018-589893681-2597226705-1000 -> DefaultScope {D087D92A-D0AF-48A3-A070-F01B1BDAFF36} URL =
SearchScopes: HKU\S-1-5-21-4289309018-589893681-2597226705-1000 -> {D087D92A-D0AF-48A3-A070-F01B1BDAFF36} URL =
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
C:\Program Files (x86)\K-Lite Codec Pack

*****************

mfencrk => Service not found.
"C:\Windows\System32\DRIVERS\mfencrk.sys" => File/Directory not found.
HKU\S-1-5-21-4289309018-589893681-2597226705-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-21-4289309018-589893681-2597226705-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D087D92A-D0AF-48A3-A070-F01B1BDAFF36} => Key not found. 
HKCR\CLSID\{D087D92A-D0AF-48A3-A070-F01B1BDAFF36} => Key not found. 
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack" => File/Directory not found.
"C:\Program Files (x86)\K-Lite Codec Pack" => File/Directory not found.

==== End of Fixlog 09:01:05 ====


----------



## migolfergirl (Oct 17, 2006)

migolfergirl said:


> OK.... I got antsy and went ahead and deleted every possible file/key/etc associated with K-Lite Codec. Machine didn't explode and seems to be working fine. I think I'm good.
> 
> I downloaded the fixlist.txt to the desktop, drug it to the FRST file on the desktop, clicked FIX, and it says it can't find a fixlist. I've started over 3 times....nothing is working Can you doublecheck that you sent me the right one?
> 
> ALSO: Do I need to remove the uninstaller that removed the K-Lite mess??


----------



## JSntgRvr (Jul 1, 2003)

Can you see both, *FRST* and the *Fixlist.txt* on your desktop prior to run FRST?


----------



## migolfergirl (Oct 17, 2006)

J, scroll down. I got it worked out and posted the fix log.


----------



## migolfergirl (Oct 17, 2006)

migolfergirl said:


> OOOPS! Sorry. I did some digging and it turned out the FRST file on the desktop was not the one associated with the fixlist. All is good.
> 
> Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-05-2015
> Ran by deni at 2015-05-20 09:01:05 Run:3
> ...


----------



## JSntgRvr (Jul 1, 2003)

Most computer programs are installed with its build-in uninstaller that can also help uninstall the program.

* Click Start menu and move your mouse to All Programs.
* Find Revo Uninstaller Pro folder and click on its Uninstaller.
* Follow its uninstaller and uninstall the program.

To run its uninstaller, you can also

* Go to the folder where the program is installed.
* Locate its uninstaller usually named as unins000.exe or uninstall.exe
* Double click on its uninstaller and follow it to uninstall the program.

I believe you are clear now.

We need to remove the tools we've used during cleaning your machine


Download Delfix from *here*
Ensure *Remove disinfection tools* is ticked
*Also tick:
*
Create registry backup
Purge system restore










Click *Run*
The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply

Here are some suggestions.


Always keep your *JAVA* updated. Older versions will make your computer vulnerable.

*Windows Updates* - It is *very important* to make sure that both Internet Explorer and Windows are kept current with *the latest critical security patches* from Microsoft.

*ERUNT* (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.
For information and guidelines to follow to prevent future infections you can read * this article * by *Miekiemoes*.

Best wishes!


----------

