1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. Welcome to iHelpForum - the place to get help from knowledgeable techs in all areas of Tech, Home and Auto help. Consider checking out our Guides or Registering an account to post on our forums today.

    Dismiss Notice

Multiple running processes of ie and Chrome using up serious memory and causing program lockups

Discussion in 'Virus, Spyware and Malware Removal Help' started by LadyGreenWitch, Sep 11, 2015.

  1. LadyGreenWitch

    LadyGreenWitch I'll get you my pretty, and your little log too! iHF Regular

    Joined:
    Sep 7, 2015
    Messages:
    64
    Likes Received:
    23
    Trophy Points:
    8
    OK Mal,
    Here is the FRST log. Again it did not create an Additions log, I have verified that Addition is checked. I can't understand why it won't generate. I will be looking forward to your reply.

    TTFN,

    LGW
     

    Attached Files:

  2. Malnutrition

    Malnutrition Still Hungry iHF Master Craftsman

    Joined:
    May 5, 2014
    Messages:
    1,501
    Likes Received:
    445
    Trophy Points:
    93
    What issues are you currently having?


    Please download and save FRST 64bit or FRST 32 bit to your Desktop.


    CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.



    • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • Make sure that Addition option is checked.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
     
  3. Malnutrition

    Malnutrition Still Hungry iHF Master Craftsman

    Joined:
    May 5, 2014
    Messages:
    1,501
    Likes Received:
    445
    Trophy Points:
    93
    Any update for us?
     
  4. LadyGreenWitch

    LadyGreenWitch I'll get you my pretty, and your little log too! iHF Regular

    Joined:
    Sep 7, 2015
    Messages:
    64
    Likes Received:
    23
    Trophy Points:
    8
    Hi Mal,
    Sorry had familial obligations over the weekend, and yesterday was my birthday! I'm still getting some lock ups, but 360 has done a fabulous job getting my pc to load more quickly, and I love it! Thanks for the tip. I have reinstalled and rerun FRST with the previous fix. Still not getting an Addition log. I have uninstalled, reinstalled, unticked and reticked the Addition box. No love. I don't know what to think. Here, again is the Fix Log.
     

    Attached Files:

  5. Malnutrition

    Malnutrition Still Hungry iHF Master Craftsman

    Joined:
    May 5, 2014
    Messages:
    1,501
    Likes Received:
    445
    Trophy Points:
    93
    You are running the fix. i need you to scan with frst please . ;)
     
  6. Arctos

    Arctos Beware of the Bear... iHF Veteran Advisor WCG Team Member

    Joined:
    May 5, 2014
    Messages:
    3,800
    Likes Received:
    1,693
    Trophy Points:
    173
  7. LadyGreenWitch

    LadyGreenWitch I'll get you my pretty, and your little log too! iHF Regular

    Joined:
    Sep 7, 2015
    Messages:
    64
    Likes Received:
    23
    Trophy Points:
    8
    DOH! :banghead:
    Be back with that ASAP.

    @Arctos , thank you dear, much appreciated. And the only cake I received :lol:.
     
    Last edited: Sep 23, 2015
    Arctos likes this.
  8. LadyGreenWitch

    LadyGreenWitch I'll get you my pretty, and your little log too! iHF Regular

    Joined:
    Sep 7, 2015
    Messages:
    64
    Likes Received:
    23
    Trophy Points:
    8
    OK Mal,
    I have put my brain back into my head, and have for you the two logs. Please find attached, and forgive my blatant stupidity from before. It will not happen again. ;) I hope.

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
    Ran by Teresa's Laptop (administrator) on TERESAS (23-09-2015 09:49:27)
    Running from C:\Users\Teresa's Laptop\Desktop
    Loaded Profiles: Teresa's Laptop (Available Profiles: Teresa's Laptop)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
    (Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
    () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    (Realtek Semiconductor Corp.) C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe
    () C:\Program Files (x86)\Brother\Web BRAdmin\cgi-bin\wbaagent.exe
    (NETGEAR) C:\Program Files (x86)\NETGEAR\A6100\A6100.EXE
    () C:\Program Files (x86)\Brother\Web BRAdmin\cgi-bin\agentrcv.exe
    () C:\Program Files (x86)\Brother\Web BRAdmin\cgi-bin\wbatimer.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Qihu Software Co. Limited) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
    () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
    (Thong Nguyen) C:\Program Files (x86)\PowerMenu\PowerMenu.exe
    (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
    (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_232_ActiveX.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
    HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1287800 2015-09-05] (QIHU 360 SOFTWARE CO. LIMITED)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-09-10] ()
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR A6100 Genie.lnk [2014-06-01]
    ShortcutTarget: NETGEAR A6100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe (Realtek Semiconductor Corp.)
    Startup: C:\Users\Teresa's Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerMenu.lnk [2012-10-29]
    ShortcutTarget: PowerMenu.lnk -> C:\Program Files (x86)\PowerMenu\PowerMenu.exe (Thong Nguyen)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll No File
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{42018084-A013-4F62-9B18-C7BC70C477EC}: [NameServer] 8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{7ACF87CE-E134-4E74-9ECC-5771258C5BAC}: [NameServer] 8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{836920ED-60BD-414C-A692-62A8663A1B06}: [NameServer] 8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{836920ED-60BD-414C-A692-62A8663A1B06}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{E4509911-4005-427E-A203-0413608D5900}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{EDD98A01-3A14-4257-90AD-04DC320B86C2}: [NameServer] 8.8.8.8,8.8.4.4

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-3797571617-2345687493-384676197-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-3797571617-2345687493-384676197-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com
    SearchScopes: HKU\S-1-5-21-3797571617-2345687493-384676197-1002 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3797571617-2345687493-384676197-1002 -> OldDefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
    SearchScopes: HKU\S-1-5-21-3797571617-2345687493-384676197-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3797571617-2345687493-384676197-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3797571617-2345687493-384676197-1002 -> {308E2198-6783-485E-B21F-4C1529619369} URL = hxxps://www.google.com/search?q={searchTerms}
    BHO: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2015-09-05] (Qihu 360 Software Co., Ltd.)
    BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-27] (RealDownloader)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-16] (Oracle Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2015-09-05] (Qihu 360 Software Co., Ltd.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-16] (Oracle Corporation)
    Toolbar: HKLM - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
    Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2012-04-26] (SEIKO EPSON CORPORATION)
    DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
    DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
    DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
    Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
    Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
    Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)

    FireFox:
    ========
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
    FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2013-04-02] (Google, Inc.)
    FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-16] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-16] (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
    FF Plugin-x32: @mozilla.zeniko.ch/PDFLite_Browser_Plugin -> C:\Program Files (x86)\PDFlite\npPdfViewer.dll [No File]
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
    FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2014-11-21] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprjplug;version=15.0.1.13 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll [2012-01-11] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-27] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.1.13 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-01-11] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.1.13 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-01-11] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpjplug;version=15.0.1.13 -> c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll [2012-01-11] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2014-11-21] (RealPlayer Cloud)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-3797571617-2345687493-384676197-1002: @mozilla.zeniko.ch/PDFLite_Browser_Plugin -> C:\Program Files (x86)\PDFlite\npPdfViewer.dll No File
    FF Plugin HKU\S-1-5-21-3797571617-2345687493-384676197-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Teresa's Laptop\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
    FF Plugin HKU\S-1-5-21-3797571617-2345687493-384676197-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Teresa's Laptop\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
    FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
    FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2012-11-16]
    FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-21]
    FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    StartMenuInternet: firefox.exe - firefox.exe

    Chrome:
    =======
    CHR StartupUrls: Default -> "hxxp://www.google.com"
    CHR Profile: C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Docs) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-22]
    CHR Extension: (Google Drive) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-22]
    CHR Extension: (YouTube) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-22]
    CHR Extension: (Google Cast) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-08-04]
    CHR Extension: (Adblock Plus) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-06]
    CHR Extension: (Google Search) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-22]
    CHR Extension: (Google Docs Offline) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-06]
    CHR Extension: (AdBlock) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-09-06]
    CHR Extension: (AllCast Receiver) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjbljnpdahefgnopeohlaeohgkiidnoe [2015-09-06]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-21]
    CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-10]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-21]
    CHR Extension: (Gmail) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-22]
    CHR HKU\S-1-5-21-3797571617-2345687493-384676197-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
    S4 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [236016 2010-10-26] (CyberLink)
    S4 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2012-10-18] (Macrovision Europe Ltd.) [File not signed]
    R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
    R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)
    S4 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
    R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
    S4 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
    R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [859768 2015-09-05] (QIHU 360 SOFTWARE CO. LIMITED)
    R2 Realtek8723AU; C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe [45784 2013-07-02] (Realtek Semiconductor Corp.)
    R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
    R2 WBA_Agent_Client_Service; C:\Program Files (x86)\Brother\Web BRAdmin\cgi-bin\wbaagent.exe [81920 2009-02-04] () [File not signed]
    R2 WBA_Agent_Receiver; C:\Program Files (x86)\Brother\Web BRAdmin\cgi-bin\agentrcv.exe [81920 2009-02-04] () [File not signed]
    R2 WBA_Scheduler; C:\Program Files (x86)\Brother\Web BRAdmin\cgi-bin\wbatimer.exe [69632 2010-08-05] () [File not signed]
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
    S3 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [12326768 2015-08-30] (Zemana Ltd.)
    S3 ogmservice; "C:\Program Files (x86)\Online Games Manager\ogmservice.exe" --service-run [X]

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [137296 2015-09-05] (360.cn)
    R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77904 2015-09-05] (360.cn)
    R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [319568 2015-09-05] (360.cn)
    R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-09-05] (360.cn)
    R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [363088 2015-09-05] (360.cn)
    R3 A6100; C:\Windows\System32\DRIVERS\A6100.sys [2944216 2013-07-08] (Realtek Semiconductor Corporation )
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [178768 2015-09-05] (360.cn)
    S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
    R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-12-18] (NVIDIA Corporation)
    R1 ZAM; C:\Windows\System32\drivers\zam64.sys [109432 2015-09-13] (Zemana Ltd.)
    R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [109432 2015-09-13] (Zemana Ltd.)
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-09-23 09:49 - 2015-09-23 09:51 - 00021128 _____ C:\Users\Teresa's Laptop\Desktop\FRST.txt
    2015-09-22 15:52 - 2015-09-22 15:55 - 05347480 _____ C:\Windows\system32\FNTCACHE.DAT
    2015-09-22 14:07 - 2015-09-22 14:07 - 00129584 _____ C:\Users\Teresa's Laptop\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-09-22 13:59 - 2015-09-22 13:59 - 00000000 ____D C:\ProgramData\Trymedia
    2015-09-21 11:01 - 2015-09-23 09:48 - 02192384 _____ (Farbar) C:\Users\Teresa's Laptop\Desktop\FRST64.exe
    2015-09-18 11:29 - 2015-01-06 20:15 - 00104896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
    2015-09-18 11:29 - 2015-01-06 20:10 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
    2015-09-18 11:29 - 2015-01-06 19:44 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
    2015-09-18 11:29 - 2015-01-06 18:49 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
    2015-09-18 11:29 - 2015-01-06 18:48 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
    2015-09-18 10:55 - 2015-09-22 15:52 - 00000336 _____ C:\Windows\setupact.log
    2015-09-18 10:55 - 2015-09-18 10:55 - 00000000 _____ C:\Windows\setuperr.log
    2015-09-18 10:54 - 2015-09-22 15:52 - 00002330 _____ C:\Windows\PFRO.log
    2015-09-17 17:49 - 2015-09-17 17:49 - 00000461 _____ C:\Users\Teresa's Laptop\Documents\response to idiot on Chris' post.txt
    2015-09-17 15:28 - 2015-09-17 16:36 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Local\PrivaZer
    2015-09-17 15:28 - 2015-09-17 15:28 - 00001903 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk
    2015-09-17 15:28 - 2015-09-17 15:28 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer
    2015-09-17 15:28 - 2015-09-17 15:28 - 00000000 ____D C:\ProgramData\privazer
    2015-09-17 15:28 - 2015-09-17 15:28 - 00000000 ____D C:\Program Files (x86)\PrivaZer
    2015-09-17 14:58 - 2015-09-17 14:58 - 00001082 _____ C:\Users\Teresa's Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wunderlist.lnk
    2015-09-17 14:58 - 2015-09-17 14:58 - 00001074 _____ C:\Users\Teresa's Laptop\Desktop\Wunderlist.lnk
    2015-09-17 14:57 - 2015-09-17 15:16 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Local\Wunderlist
    2015-09-17 14:57 - 2015-09-17 14:58 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wunderlist
    2015-09-16 19:18 - 2015-09-23 09:48 - 00000000 ____D C:\Users\Teresa's Laptop\Desktop\FRST-OlderVersion
    2015-09-16 14:24 - 2015-09-18 11:19 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Roaming\360safe
    2015-09-16 14:24 - 2015-09-16 14:55 - 00000000 ____D C:\ProgramData\360Quarant
    2015-09-16 14:24 - 2015-09-16 14:24 - 00000000 ____D C:\Windows\Tasks\360Disabled
    2015-09-16 14:24 - 2015-09-16 14:24 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Roaming\360TotalSecurity
    2015-09-16 14:23 - 2015-09-16 14:24 - 00000000 ____D C:\ProgramData\360TotalSecurity
    2015-09-16 14:23 - 2015-09-16 14:24 - 00000000 ____D C:\ProgramData\360safe
    2015-09-16 14:23 - 2015-09-16 14:23 - 00000000 _RSHD C:\360SANDBOX
    2015-09-16 14:23 - 2015-09-16 14:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
    2015-09-16 14:23 - 2015-09-05 23:43 - 00363088 _____ (360.cn) C:\Windows\system32\Drivers\360fsflt.sys
    2015-09-16 14:23 - 2015-09-05 23:43 - 00319568 _____ (360.cn) C:\Windows\system32\Drivers\360Box64.sys
    2015-09-16 14:23 - 2015-09-05 23:43 - 00178768 _____ (360.cn) C:\Windows\system32\Drivers\BAPIDRV64.SYS
    2015-09-16 14:23 - 2015-09-05 23:43 - 00137296 _____ (360.cn) C:\Windows\system32\Drivers\360AntiHacker64.sys
    2015-09-16 14:23 - 2015-09-05 23:43 - 00077904 _____ (360.cn) C:\Windows\system32\Drivers\360AvFlt.sys
    2015-09-16 14:23 - 2015-09-05 23:43 - 00040520 _____ (360.cn) C:\Windows\system32\Drivers\360Camera64.sys
    2015-09-16 14:22 - 2015-09-16 14:22 - 00000000 ____D C:\Program Files (x86)\360
    2015-09-16 04:06 - 2015-09-16 04:06 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Roaming\Sun
    2015-09-16 04:06 - 2015-09-16 04:06 - 00000000 ____D C:\Users\Teresa's Laptop\.oracle_jre_usage
    2015-09-16 04:05 - 2015-09-16 04:05 - 00000000 ____D C:\Program Files (x86)\Java
    2015-09-16 03:12 - 2015-09-16 03:34 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d002017eac8b6a.job
    2015-09-16 03:12 - 2015-09-16 03:12 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f0683e6d4fd8.job
    2015-09-14 18:31 - 2015-09-14 18:31 - 00000932 _____ C:\Users\Teresa's Laptop\Desktop\HD Tune.lnk
    2015-09-14 18:31 - 2015-09-14 18:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
    2015-09-14 18:31 - 2015-09-14 18:31 - 00000000 ____D C:\Program Files (x86)\HD Tune
    2015-09-14 12:02 - 2015-09-14 18:14 - 00000000 ____D C:\Users\Teresa's Laptop\Documents\Skin Care Tips
    2015-09-13 16:16 - 2015-09-13 17:20 - 00000000 ____D C:\Users\Teresa's Laptop\Documents\iHelpForum
    2015-09-13 04:31 - 2015-09-13 12:09 - 00000000 ____D C:\Users\Teresa's Laptop\Desktop\mbar
    2015-09-13 03:52 - 2015-09-13 03:52 - 00032844 _____ C:\ComboFix.txt
    2015-09-13 01:19 - 2015-09-13 01:19 - 00109432 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
    2015-09-13 01:19 - 2015-09-13 01:19 - 00109432 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
    2015-09-13 01:19 - 2015-09-13 01:19 - 00001154 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
    2015-09-13 01:19 - 2015-09-13 01:19 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Local\Zemana
    2015-09-13 01:19 - 2015-09-13 01:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
    2015-09-13 01:19 - 2015-09-13 01:19 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
    2015-09-13 00:51 - 2015-09-13 00:51 - 00000000 ____D C:\Users\Teresa's Laptop\.android
    2015-09-12 23:31 - 2015-09-13 01:04 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
    2015-09-12 23:31 - 2015-09-12 23:31 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
    2015-09-12 23:04 - 2015-09-12 23:04 - 00060396 _____ C:\Users\Teresa's Laptop\Desktop\CisReport_x64_v8.2.0.4703_20150912-230234.zip
    2015-09-12 20:53 - 2015-09-12 20:53 - 02019656 _____ (Bleeping Computer, LLC) C:\Users\Teresa's Laptop\Desktop\rkill.exe
    2015-09-12 20:52 - 2015-09-12 20:52 - 05635119 ____R (Swearware) C:\Users\Teresa's Laptop\Desktop\ComboFix.exe
    2015-09-12 20:50 - 2015-09-12 20:51 - 16563304 _____ (Malwarebytes Corp.) C:\Users\Teresa's Laptop\Desktop\mbar-1.09.2.1008.exe
    2015-09-12 18:28 - 2015-09-23 09:51 - 01964546 _____ C:\Windows\WindowsUpdate.log
    2015-09-12 17:43 - 2015-09-12 17:43 - 00000008 __RSH C:\Users\Teresa's Laptop\ntuser.pol
    2015-09-12 17:39 - 2015-09-12 17:12 - 00024064 _____ C:\Windows\zoek-delete.exe
    2015-09-12 17:36 - 2015-09-12 17:46 - 00000000 ____D C:\zoek
    2015-09-12 17:18 - 2015-09-12 16:04 - 00000113 _____ C:\zoek-results2015-09-12-230423.log
    2015-09-12 15:41 - 2015-09-12 17:37 - 00000000 ____D C:\zoek_backup
    2015-09-12 00:30 - 2015-08-29 16:52 - 00000788 _____ C:\Users\Teresa's Laptop\Desktop\CCleaner.lnk
    2015-09-12 00:30 - 2014-06-19 22:12 - 00002126 _____ C:\Users\Teresa's Laptop\Desktop\Belarc Advisor.lnk
    2015-09-11 19:55 - 2015-09-11 19:56 - 22727240 _____ C:\Users\Teresa's Laptop\Downloads\RogueKillerX64 (1).exe
    2015-09-11 16:39 - 2015-09-11 16:54 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Roaming\ZHP
    2015-09-11 14:56 - 2015-09-11 14:56 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Roaming\9-lab
    2015-09-11 14:56 - 2015-09-11 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\9-lab Removal Tool
    2015-09-11 14:56 - 2015-09-11 14:56 - 00000000 ____D C:\ProgramData\9-lab
    2015-09-11 14:56 - 2015-09-11 14:56 - 00000000 ____D C:\Program Files\9-lab
    2015-09-11 13:06 - 2015-09-13 04:34 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-09-11 13:06 - 2015-09-13 04:33 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
    2015-09-11 13:06 - 2015-09-11 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-09-11 13:06 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2015-09-11 13:06 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2015-09-10 11:51 - 2015-09-10 11:51 - 00002009 _____ C:\Users\Teresa's Laptop\Desktop\Eula.txt
    2015-09-09 19:38 - 2015-09-09 19:39 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2015-09-09 19:38 - 2015-09-09 19:39 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
    2015-09-09 19:38 - 2015-09-09 19:39 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
    2015-09-09 19:38 - 2015-08-05 10:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2015-09-09 19:38 - 2015-07-14 20:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2015-09-09 19:38 - 2015-07-14 19:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-09-09 19:37 - 2015-09-09 19:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-09-09 19:37 - 2015-09-09 19:37 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-09-09 19:37 - 2015-09-09 19:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00417064 _____ () C:\Users\Teresa's Laptop\Downloads\dellsystemdetectlauncher.exe
    2015-09-09 19:37 - 2015-09-09 19:37 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-09-09 19:37 - 2015-09-09 19:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2015-09-09 19:37 - 2015-09-09 19:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
    2015-09-09 19:37 - 2015-08-17 18:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-09-09 19:37 - 2015-08-17 18:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-09-09 19:37 - 2015-08-14 23:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-09-09 19:37 - 2015-08-14 23:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-09-09 19:37 - 2015-08-14 23:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-09-09 19:37 - 2015-08-14 23:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-09-09 19:37 - 2015-08-14 23:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-09-09 19:37 - 2015-08-14 23:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-09-09 19:37 - 2015-08-14 22:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2015-09-09 19:37 - 2015-08-14 22:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-09-09 19:37 - 2015-08-14 22:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-09-09 19:37 - 2015-08-14 22:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2015-09-09 19:37 - 2015-08-14 22:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2015-09-09 19:37 - 2015-08-14 22:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2015-09-09 19:37 - 2015-08-14 22:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2015-09-09 19:37 - 2015-08-14 22:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2015-09-09 19:37 - 2015-08-14 22:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-09-09 19:37 - 2015-08-14 22:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-09-09 19:37 - 2015-08-14 22:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-09-09 19:37 - 2015-08-14 22:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-09-09 19:37 - 2015-08-14 22:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-09-09 19:37 - 2015-08-14 21:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-09-09 19:37 - 2015-08-14 21:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-09-09 19:37 - 2015-08-14 21:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-09-09 19:37 - 2015-07-09 10:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
    2015-09-09 19:37 - 2015-07-09 10:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
    2015-09-09 19:37 - 2015-07-09 10:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
    2015-09-09 19:37 - 2015-07-09 10:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
    2015-09-09 19:35 - 2015-09-09 19:35 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-09-09 19:35 - 2015-09-09 19:35 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-09-09 19:35 - 2015-09-09 19:35 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-09-09 19:35 - 2015-09-09 19:35 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2015-09-09 19:35 - 2015-09-09 19:35 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2015-09-09 19:35 - 2015-09-09 19:35 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2015-09-09 19:35 - 2015-09-09 19:35 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2015-09-09 19:35 - 2015-09-09 19:35 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2015-09-09 19:34 - 2015-09-09 19:35 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-09-09 19:34 - 2015-09-09 19:35 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2015-09-09 19:34 - 2015-09-09 19:35 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2015-09-09 19:34 - 2015-09-09 19:34 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-09-09 19:34 - 2015-09-09 19:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2015-09-09 19:34 - 2015-09-09 19:34 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2015-09-09 19:34 - 2015-09-09 19:34 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-09-09 19:34 - 2015-09-09 19:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2015-09-09 19:34 - 2015-09-09 19:34 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2015-09-09 19:34 - 2015-09-09 19:34 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-09-09 19:34 - 2015-09-09 19:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-09-09 19:34 - 2015-09-09 19:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2015-09-09 19:34 - 2015-09-09 19:34 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-09-09 19:34 - 2015-09-09 19:34 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2015-09-09 19:34 - 2015-09-09 19:34 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2015-09-09 19:34 - 2015-09-09 19:34 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2015-09-09 19:33 - 2015-09-09 19:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2015-09-09 19:33 - 2015-09-09 19:33 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2015-09-09 19:33 - 2015-09-09 19:33 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2015-09-09 19:33 - 2015-09-09 19:33 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
    2015-09-09 19:26 - 2015-09-09 19:26 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2015-09-09 19:26 - 2015-09-09 19:26 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2015-09-09 19:26 - 2015-09-09 19:26 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2015-09-09 19:26 - 2015-09-09 19:26 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2015-09-09 19:26 - 2015-09-09 19:26 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
    2015-09-09 19:26 - 2015-09-09 19:26 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
    2015-09-09 19:26 - 2015-09-09 19:26 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
    2015-09-09 19:26 - 2015-09-09 19:26 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
    2015-09-09 19:24 - 2015-09-09 19:24 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2015-09-09 19:24 - 2015-09-09 19:24 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2015-09-09 19:24 - 2015-09-09 19:24 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2015-09-09 19:24 - 2015-09-09 19:24 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
    2015-09-09 19:24 - 2015-09-09 19:24 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2015-09-09 19:24 - 2015-09-09 19:24 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2015-09-09 19:24 - 2015-09-09 19:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2015-09-09 19:24 - 2015-09-09 19:24 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2015-09-09 19:24 - 2015-09-09 19:24 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2015-09-09 19:23 - 2015-09-09 19:23 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-09-09 19:23 - 2015-09-09 19:23 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2015-09-09 19:23 - 2015-09-09 19:23 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2015-09-09 19:23 - 2015-09-09 19:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2015-09-09 19:23 - 2015-09-09 19:23 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
    2015-09-07 19:44 - 2015-09-07 19:44 - 00000000 ____D C:\Program Files\Common Files\AV
    2015-09-07 19:44 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
    2015-09-07 19:39 - 2015-09-07 19:39 - 00023181 _____ C:\Users\Teresa's Laptop\Desktop\dds.txt
    2015-09-06 12:22 - 2015-04-23 01:07 - 00450688 _____ C:\Windows\system32\Drivers\etc\hosts.20150906-122258.backup
    2015-09-04 23:04 - 2015-09-04 23:04 - 00000025 _____ C:\Users\Teresa's Laptop\Desktop\Artist Studio contact for Anthony.txt
    2015-09-01 13:20 - 2015-09-01 13:20 - 00000000 ____D C:\Users\Teresa's Laptop\Tracing
    2015-09-01 13:19 - 2015-09-01 13:19 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Local\Skype
    2015-09-01 13:18 - 2015-09-01 13:18 - 00002697 _____ C:\Users\Public\Desktop\Skype.lnk
    2015-09-01 13:18 - 2015-09-01 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-09-23 09:49 - 2014-05-08 00:11 - 00000000 ____D C:\FRST
    2015-09-23 09:48 - 2009-07-13 22:13 - 00978766 _____ C:\Windows\system32\PerfStringBackup.INI
    2015-09-22 16:01 - 2009-07-13 21:45 - 00028528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-09-22 16:01 - 2009-07-13 21:45 - 00028528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-09-22 15:55 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\inetsrv
    2015-09-22 15:54 - 2015-08-09 14:37 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Local\HTC MediaHub
    2015-09-22 15:53 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-09-18 11:20 - 2013-11-06 17:05 - 00000000 ____D C:\ProgramData\Adobe
    2015-09-17 15:56 - 2013-11-01 14:25 - 00000000 ____D C:\Windows\pss
    2015-09-17 15:56 - 2011-06-17 04:27 - 00000000 ____D C:\Windows\Panther
    2015-09-17 15:56 - 2011-06-17 01:36 - 00000000 ____D C:\Windows\SoftwareDistributionOld
    2015-09-16 19:19 - 2013-09-23 01:29 - 00000000 ____D C:\Program Files (x86)\Online Games Manager
    2015-09-16 15:17 - 2013-12-19 00:05 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Local\Apps\2.0
    2015-09-16 15:13 - 2014-06-25 13:18 - 00000000 ____D C:\ProgramData\NVIDIA
    2015-09-16 15:10 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF
    2015-09-16 14:42 - 2012-10-03 15:23 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Roaming\Skype
    2015-09-16 04:30 - 2014-11-11 15:12 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
    2015-09-16 04:08 - 2014-06-24 15:33 - 00000000 ____D C:\ProgramData\Oracle
    2015-09-16 04:06 - 2014-06-24 15:32 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2015-09-16 04:06 - 2014-01-10 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
    2015-09-16 04:06 - 2014-01-10 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2015-09-16 04:06 - 2011-06-27 16:21 - 00000000 ____D C:\Users\Teresa's Laptop
    2015-09-16 03:26 - 2012-01-19 17:08 - 00000000 ____D C:\Program Files\CCleaner
    2015-09-13 12:09 - 2013-11-05 17:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2015-09-13 03:52 - 2015-04-07 18:25 - 00000000 ____D C:\Users\Theo
    2015-09-13 03:52 - 2015-03-31 18:40 - 00000000 ____D C:\Users\TEMP.TERESAS
    2015-09-13 03:52 - 2015-03-29 18:58 - 00000000 ____D C:\Users\TEMP
    2015-09-13 03:52 - 2013-11-02 01:22 - 00000000 ____D C:\Qoobox
    2015-09-13 03:49 - 2013-11-02 00:25 - 00000000 ____D C:\Windows\erdnt
    2015-09-13 03:43 - 2009-07-13 19:34 - 00000215 _____ C:\Windows\system.ini
    2015-09-13 03:41 - 2009-07-13 22:08 - 00032540 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2015-09-13 01:02 - 2012-04-07 10:49 - 00000000 ____D C:\Users\Teresa's Laptop\Desktop\Protection Software
    2015-09-13 00:51 - 2011-07-29 19:23 - 00000000 ____D C:\ProgramData\Comodo
    2015-09-13 00:45 - 2011-07-29 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
    2015-09-13 00:33 - 2011-07-29 19:27 - 00000000 ____D C:\ProgramData\AVAST Software
    2015-09-13 00:04 - 2014-05-06 14:51 - 00000000 ____D C:\Users\Teresa's Laptop\Desktop\Computer Cleaning Tools
    2015-09-12 19:55 - 2014-08-02 03:20 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Roaming\PrimoPDF
    2015-09-12 18:27 - 2014-06-10 14:49 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Local\CrashDumps
    2015-09-12 17:47 - 2015-08-09 15:37 - 00000000 ___RD C:\Users\Teresa's Laptop\Google Drive
    2015-09-12 17:37 - 2009-07-13 20:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
    2015-09-12 17:37 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
    2015-09-11 17:42 - 2014-11-06 14:59 - 00000000 ____D C:\AdwCleaner
    2015-09-11 13:06 - 2013-10-04 01:47 - 00000000 ____D C:\ProgramData\Malwarebytes
    2015-09-10 11:31 - 2010-11-21 00:17 - 00000000 ____D C:\Program Files\Windows Journal
    2015-09-10 11:31 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
    2015-09-10 03:59 - 2011-07-22 16:29 - 00000000 ____D C:\ProgramData\Microsoft Help
    2015-09-10 03:56 - 2013-09-24 14:41 - 00000000 ____D C:\Windows\system32\MRT
    2015-09-09 21:55 - 2013-12-19 00:05 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Local\Deployment
    2015-09-09 19:40 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\servicing
    2015-09-09 19:39 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
    2015-09-09 19:37 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration
    2015-09-09 19:33 - 2011-07-25 17:44 - 00000000 ____D C:\ProgramData\Real
    2015-09-07 22:12 - 2014-05-15 20:42 - 00000000 ____D C:\Users\Teresa's Laptop\Documents\Registry Backups
    2015-09-07 19:01 - 2015-06-22 17:14 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Local\Google
    2015-09-04 17:06 - 2015-07-21 13:51 - 00002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2015-09-01 13:18 - 2012-10-03 15:23 - 00000000 ___RD C:\Program Files (x86)\Skype
    2015-09-01 13:18 - 2012-10-03 15:23 - 00000000 ____D C:\ProgramData\Skype
    2015-08-29 20:00 - 2012-04-25 16:13 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-08-29 20:00 - 2011-06-27 16:36 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-08-26 18:37 - 2011-06-29 18:47 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-10-26 14:15

    ==================== End of FRST.txt ============================


    Additional scan result of Farbar Recovery Scan Tool (x64) Version:23-09-2015
    Ran by Teresa's Laptop (2015-09-23 09:52:27)
    Running from C:\Users\Teresa's Laptop\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) (2011-06-27 23:21:37)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3797571617-2345687493-384676197-500 - Administrator - Enabled)
    Guest (S-1-5-21-3797571617-2345687493-384676197-501 - Limited - Disabled)
    Teresa's Laptop (S-1-5-21-3797571617-2345687493-384676197-1002 - Administrator - Enabled) => C:\Users\Teresa's Laptop
    UpdatusUser (S-1-5-21-3797571617-2345687493-384676197-1004 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: 360 Total Security (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
    AS: 360 Total Security (Enabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    1 Moment of Time - Silentville (HKLM-x32\...\76bb0c5f123df111854d819e602a0672) (Version: - GameHouse)
    360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 7.6.0.1028 - 360 Security Center)
    64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
    7 Roses - A Darkness Rises (HKLM-x32\...\0151dde2ba9f10c1696d65886214c3b9) (Version: - GameHouse)
    7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version: - )
    9-lab Removal Tool (HKLM-x32\...\9-lab Removal Tool) (Version: - )
    A Gypsy's Tale - The Tower of Secrets (HKLM-x32\...\am-agypsystalethetowerofsecrets) (Version: - )
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated)
    Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
    Adobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
    Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
    Alex Hunter - Lord of the Mind Platinum Edition (HKLM-x32\...\6be58c3ab163588dfb4128f4c309e8fe) (Version: - GameHouse)
    Amazing Adventures Riddle of the Two Knights(TM) (HKLM-x32\...\am-amazingadventuresriddleofthetwoknightstm) (Version: - )
    Ancient Secrets (HKLM-x32\...\1593835cce3d171de60d548bab02d4ce) (Version: - GameHouse)
    APKF 1.8.1 (HKLM-x32\...\APKF_is1) (Version: - Nsasoft LLC.)
    Apothecarium & Sister's Secrecy Bundle (HKLM-x32\...\5e70c28901a9c0edcd166b04cb7ccccc) (Version: - GameHouse)
    Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
    Arizona Rose and the Pirates' Riddles (HKLM-x32\...\am-arizonaroseandthepiratesriddles) (Version: - )
    Around the World in 80 Days (HKLM-x32\...\am-aroundtheworldin80days) (Version: - )
    Azkend 2 - The World Beneath (HKLM-x32\...\am-azkend2theworldbeneath) (Version: - )
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
    Brink of Consciousness - Dorian Gray Syndrome (HKLM-x32\...\am-brinkofconsciousnessdoriangraysyndrome) (Version: - )
    Campfire Legends - The Babysitter (HKLM-x32\...\am-campfirelegendsthebabysitter) (Version: - )
    Caveman Physics (HKLM-x32\...\am-cavemanphysics) (Version: - )
    CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
    Celtic Lore - Sidhe Hills (HKLM-x32\...\am-celticloresidhehills) (Version: - )
    ChromecastApp (HKU\S-1-5-21-3797571617-2345687493-384676197-1002\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
    Chronicle Keepers - The Dreaming Garden (HKLM-x32\...\75fa100d12b40a256ec7fdbb104b786a) (Version: - GameHouse)
    Criminal Minds (HKLM-x32\...\am-criminalminds) (Version: - )
    CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3426 - CyberLink Corp.)
    Dark Romance - Vampire in Love Platinum Edition (HKLM-x32\...\769dd07073f57b0130eb9521878804bf) (Version: - GameHouse)
    Dark Sisterhood - The Initiation (HKLM-x32\...\167031fa2b48acbc75a43484e6a2c878) (Version: - GameHouse)
    Dark Strokes - Sins of the Fathers (HKLM-x32\...\am-darkstrokessinsofthefathers) (Version: - )
    Dell System Detect (HKU\S-1-5-21-3797571617-2345687493-384676197-1002\...\73f463568823ebbe) (Version: 6.6.0.1 - Dell)
    Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
    Demon Hunter 2 - A New Chapter Platinum Edition (HKLM-x32\...\de6c05bbf80d33df86473fd2e05be277) (Version: - GameHouse)
    DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
    Doctor Who, Episode 5 - The Gunpowder Plot (HKLM-x32\...\am-doctorwhoepisode5thegunpowderplot) (Version: - )
    Download Navigator (HKLM-x32\...\{3A3A3B34-6EA2-4031-8580-D66D29533E89}) (Version: 3.4.0 - SEIKO EPSON CORPORATION)
    Dracula - Love Kills (HKLM-x32\...\am-draculalovekills) (Version: - )
    Dragon Keeper (HKLM-x32\...\am-dragonkeeper) (Version: - )
    Dragon Keeper 2 (HKLM-x32\...\am-dragonkeeper2) (Version: - )
    DragonStone (HKLM-x32\...\am-dragonstone) (Version: - )
    Drawn® - The Painted Tower ™ (HKLM-x32\...\84b0bc7767c62d66493908b14ede2329) (Version: - GameHouse)
    Dream Chronicles(R) - The Book of Water(TM) (HKLM-x32\...\am-dreamchroniclesrthebookofwatertm) (Version: - )
    Dream Mysteries - Case of the Red Fox (HKLM-x32\...\am-dreammysteriescaseoftheredfox) (Version: - )
    Dreamland Extended Edition (HKLM-x32\...\am-dreamlandextendededition) (Version: - )
    Echoes of Sorrow 2 (HKLM-x32\...\a7dee3827e44ee815edf3b5436fee84c) (Version: - GameHouse)
    Empress of the Deep 2 - Song of the Blue Whale (HKLM-x32\...\am-empressofthedeep2songofthebluewhale) (Version: - )
    Entwined - Strings of Deception (HKLM-x32\...\am-entwinedstringsofdeception) (Version: - )
    Epson Connect (HKLM-x32\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version: - )
    Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
    Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
    Epson E-Web Print (HKLM-x32\...\{4A5404DC-D8A5-455E-96D0-9F142DAACAE7}) (Version: 1.14.0000 - SEIKO EPSON CORPORATION)
    EPSON NX430 Series Printer Uninstall (HKLM\...\EPSON NX430 Series) (Version: - SEIKO EPSON Corporation)
    EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
    eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
    ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer)
    ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
    Esoterica - Hollow Earth (HKLM-x32\...\d1d2c0e8210eac5d61c5f43359ed893d) (Version: - GameHouse)
    Exorcist 2 (HKLM-x32\...\am-exorcist2) (Version: - )
    Fairy Godmother Tycoon (HKLM-x32\...\am-fairygodmothertycoon) (Version: - )
    Fall of the New Age Platinum Edition (HKLM-x32\...\e36f6da53e0e09365fbba55852297c84) (Version: - GameHouse)
    FedEx Office Printer (HKLM-x32\...\{5B9AC19C-8519-43A1-9578-49CDA1366E66}) (Version: 1.0.010 - FedEx Office)
    Feeding Frenzy (HKLM-x32\...\am-feedingfrenzy) (Version: - )
    Fiction Fixers - The Curse of Oz (HKLM-x32\...\am-fictionfixersthecurseofoz) (Version: - )
    Fill and Cross Pirate Riddles 2 (HKLM-x32\...\c7aa2b48eeff381703f42eb9fdb1f427) (Version: - GameHouse)
    Free Alarm Clock 3.1.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 3.1 - Comfort Software Group)
    Free Desktop Timer 1.2 (HKLM-x32\...\Free Desktop Timer_is1) (Version: - Drive Software Company)
    GameHouse Solitaire Challenge (HKLM-x32\...\amg-gamehousesolitairechallenge) (Version: - )
    GeekBuddy (HKLM-x32\...\{741FC38C-2797-4AC1-AD63-4B65F9CA8B20}) (Version: 4.9.73 - Comodo Security Solutions Inc)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
    Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
    Graven - The Purple Moon Prophecy (HKLM-x32\...\58db15ca4f0151125871bd314c3ab4f1) (Version: - GameHouse)
    Green Moon (HKLM-x32\...\am-greenmoon) (Version: - )
    H&R Block California 2009 (HKLM-x32\...\{F4898C08-90A2-431C-BCE5-87866531D05B}) (Version: 1.09.3601 - HRB Technology, LLC.)
    H&R Block California 2010 (HKLM-x32\...\{9FBDF580-E37F-4DEE-8F2E-75A8E8716AAD}) (Version: 1.10.4801 - HRB Technology, LLC.)
    H&R Block California 2011 (HKLM-x32\...\{10894714-E82E-4371-9CF7-F58E352C76EA}) (Version: 1.11.5001 - HRB Technology, LLC.)
    H&R Block California 2012 (HKLM-x32\...\{E040F1EC-82A9-4950-AAFE-55762AB59590}) (Version: 1.12.7501 - HRB Technology, LLC.)
    H&R Block California 2013 (HKLM-x32\...\{FA9B4B45-B7F0-47A4-894B-19BBF8829FE2}) (Version: 1.13.6901 - HRB Technology, LLC.)
    H&R Block Deluxe + Efile + State 2009 (HKLM-x32\...\{53A19323-917A-4822-B27E-A57D1EF6E9FC}) (Version: 09.04.7101 - HRB Technology, LLC.)
    H&R Block Deluxe + Efile + State 2011 (HKLM-x32\...\{C6006AED-E5A7-4F77-BAD5-95AC43DE04F3}) (Version: 11.05.7102 - HRB Technology, LLC.)
    H&R Block Deluxe + Efile + State 2012 (HKLM-x32\...\{89D20029-0578-4D8D-979A-695C8D868868}) (Version: 12.05.7803 - HRB Technology, LLC.)
    H&R Block Deluxe + Efile + State 2013 (HKLM-x32\...\{EDE796DE-0A72-464D-9D21-F04BC41A092B}) (Version: 13.05.7601 - HRB Technology, LLC.)
    H&R Block Premium + Efile + State 2010 (HKLM-x32\...\{529A52D1-5521-436B-83AB-1322780DCDAD}) (Version: 10.06.6402 - HRB Technology, LLC.)
    H&R Block Premium + Efile + State 2014 (HKLM-x32\...\{CDB1D329-A168-427D-837C-2075CDD3DC62}) (Version: 14.07.7401 - HRB Technology, LLC.)
    Haunted Past - Realm of Ghosts (HKLM-x32\...\am-hauntedpastrealmofghosts) (Version: - )
    HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
    Heroes of Hellas 3 - Athens (HKLM-x32\...\am-heroesofhellas3athens) (Version: - gamehouse)
    Hidden Magic (HKLM-x32\...\am-hiddenmagic) (Version: - )
    Hidden Object 5 in 1 Bundle (HKLM-x32\...\c7844ffd5e74b2a4c65e29d87f8da8fb) (Version: - GameHouse)
    Hide & Secret - The Lost World (HKLM-x32\...\am-hidesecretthelostworld) (Version: - )
    Hide & Secret (HKLM-x32\...\am-hidesecret) (Version: - )
    Hide & Secret 3 - Pharaoh's Quest (HKLM-x32\...\am-hidesecret3pharaohsquest) (Version: - )
    HL-2270DW (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
    Hotel (HKLM-x32\...\87d02ebdbd8adab2557c70d4ef6cc141) (Version: - GameHouse)
    House of 1,000 Doors - Family Secrets (HKLM-x32\...\am-houseof1000doorsfamilysecrets) (Version: - )
    House of 1,000 Doors - The Palm of Zoroaster (HKLM-x32\...\am-houseof1000doorsthepalmofzoroaster) (Version: - )
    HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
    HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
    HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.54.2 - HTC)
    Hypnosis (HKLM-x32\...\835c2c58dcfcf5eb426cdbb86e165fc3) (Version: - GameHouse)
    Imperial Island - Birth of an Empire (HKLM-x32\...\afc21a17d31830fcf6e56c0e0723ed3b) (Version: - GameHouse)
    Infected - The Twin Vaccine (HKLM-x32\...\am-infectedthetwinvaccine) (Version: - )
    Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
    Into the Haze (HKLM-x32\...\4377fcbfca1a6fc49948b811cc5f62b7) (Version: - GameHouse)
    IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
    IsoBuster 3.0 (HKLM-x32\...\IsoBuster_is1) (Version: 3.0 - Smart Projects)
    Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
    Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
    Jewel Quest 3 (HKLM-x32\...\am-jewelquest3) (Version: - )
    Jewels of the East India Company (HKLM-x32\...\am-jewelsoftheeastindiacompany) (Version: - )
    Journey - The Heart of Gaia (HKLM-x32\...\98e1a1798ebbe1569b549f41f41c0136) (Version: - GameHouse)
    Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
    Left in the Dark - No One on Board (HKLM-x32\...\c2ca6193e07d5201a7ef513ccfd56b12) (Version: - GameHouse)
    Legacy - Witch Island (HKLM-x32\...\35c474105074ec9fac693c2767f65a38) (Version: - GameHouse)
    Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
    Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
    Lost Lands - Dark Overlord Platinum Edition (HKLM-x32\...\9b264bb29bdb57d30fcff344d51d815b) (Version: - GameHouse)
    Lost Souls - Enchanted Paintings (HKLM-x32\...\am-lostsoulsenchantedpaintings) (Version: - )
    Lost Souls - Timeless Fables (HKLM-x32\...\e83dbe408ad2a2a678732ca428972f7f) (Version: - GameHouse)
    Lost Souls - Timeless Fables Platinum Edition (HKLM-x32\...\5f075e8c1f096bdbb70ed3002ae377c1) (Version: - GameHouse)
    LUXOR 5th Passage (HKLM-x32\...\am-luxor5thpassage) (Version: - )
    Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
    Margrave - The Curse of the Severed Heart (HKLM-x32\...\am-margravethecurseoftheseveredheart) (Version: - )
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
    Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
    Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Mind Snares - Alice's Journey (HKLM-x32\...\2baf5d7d5a25ff4f2da3a5898f415fbb) (Version: - GameHouse)
    Mortimer Beckett and the Crimson Thief (HKLM-x32\...\am-mortimerbeckettandthecrimsonthief) (Version: - )
    Mountain Crime - Requital (HKLM-x32\...\am-mountaincrimerequital) (Version: - )
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    Mysteries and Nightmares - Morgiana (HKLM-x32\...\9bcbef2f42968eacc864d1c27120d7b3) (Version: - GameHouse)
    Mysteries of Neverville - The Runestone of Light (HKLM-x32\...\161f33e3a36069962019db9720926803) (Version: - GameHouse)
    Mystery Valley Extended Edition (HKLM-x32\...\am-mysteryvalleyextendededition) (Version: - )
    Namariel Legends - Iron Lord (HKLM-x32\...\d4709f0b9185bf5c99e51eada9f90dc5) (Version: - GameHouse)
    Nancy Drew(R) - Phantom of Venice (HKLM-x32\...\am-nancydrewrphantomofvenice) (Version: - )
    Nancy Drew(R) - Secrets Can Kill (HKLM-x32\...\am-nancydrewrsecretscankill) (Version: - )
    Nancy Drew(R) - Shadow at the Water's Edge (HKLM-x32\...\c0e87eb48b6604512534d61f404fe5ca) (Version: - GameHouse)
    Nancy Drew(R) - Trail of the Twister (HKLM-x32\...\am-nancydrewrtrailofthetwister) (Version: - )
    Nancy Drew(R) - Warnings at Waverly Academy (HKLM-x32\...\am-nancydrewrwarningsatwaverlyacademy) (Version: - )
    Nearwood - Platinum Edition (HKLM-x32\...\8a90126eb3d5532165c12e49c32be2c4) (Version: - GameHouse)
    NETGEAR A6100 Genie (HKLM-x32\...\InstallShield_{15D27BA3-6CCD-4848-8925-07EF083492AD}) (Version: 1.0.0.13 - NETGEAR)
    NETGEAR A6100 Genie (x32 Version: 1.0.0.13 - NETGEAR) Hidden
    Nightfall Mysteries Double Pack (HKLM-x32\...\am-nightfallmysteriesdoublepack) (Version: - )
    Nuance PDF Reader (HKLM-x32\...\{5F6C549F-78DA-4E0E-AE70-0BD981936D99}) (Version: 7.00.0000 - Nuance Communications, Inc.)
    NVIDIA 3D Vision Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
    NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
    Oddly Enough - Pied Piper (HKLM-x32\...\am-oddlyenoughpiedpiper) (Version: - )
    Online Games Manager v1.30 (HKLM-x32\...\Online Games Manager) (Version: 1.30.14 - Real Networks, Inc.)
    OnTopReplica (HKU\S-1-5-21-3797571617-2345687493-384676197-1002\...\OnTopReplica) (Version: 3.3.1.0 - Lorenz Cuno Klopfenstein)
    Origins - Elders of Time Platinum Edition (HKLM-x32\...\752de7da65dcc156809f9124c8638e8d) (Version: - GameHouse)
    Paint Shop Pro 7 (HKLM-x32\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.2.0000 - Jasc Software Inc)
    Paranormal State - Poison Spring (HKLM-x32\...\8ce99105cdc037737b5e400f00823efc) (Version: - GameHouse)
    PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
    PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
    Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
    Pirate Mysteries - A Tale of Monkeys (HKLM-x32\...\am-piratemysteriesataleofmonkeys) (Version: - )
    Plants vs. Zombies(TM) (HKLM-x32\...\am-plantsvszombiestm) (Version: - )
    Portal of Evil - Stolen Runes Platinum Edition (HKLM-x32\...\727c8d316900aaa68559400945a0228a) (Version: - GameHouse)
    Portal of Evil - Stolen Runes Platinum Edition (HKLM-x32\...\ace933cc383aea1f6707a1cf34be5b1d) (Version: - GameHouse)
    PowerMenu 1.51 (HKLM-x32\...\PowerMenu) (Version: 1.51 - Thong Nguyen)
    PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
    Princess Isabella - A Witch's Curse (HKLM-x32\...\am-princessisabellaawitchscurse) (Version: - )
    Princess Isabella - Return of the Curse (HKLM-x32\...\am-princessisabellareturnofthecurse) (Version: - )
    PrivaZer (HKLM-x32\...\PrivaZer) (Version: 2.37.0.0 - Goversoft LLC)
    Psycho Train (HKLM-x32\...\d20d655161af3a790c318338eaa4c97c) (Version: - GameHouse)
    Queen's Quest - Tower of Darkness (HKLM-x32\...\1179eb54a09cdd4754545e54cd8ac85f) (Version: - GameHouse)
    Questerium - Sinister Trinity (HKLM-x32\...\d55516a6a882b59ab44d977dc9d731c9) (Version: - GameHouse)
    Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.10 - Dell Inc.)
    RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
    RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
    RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden
    RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
    RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6312 - Realtek Semiconductor Corp.)
    RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
    Redemption Cemetery - Curse of the Raven Platinum Edition (HKLM-x32\...\0da4ea0db0718093e065c4f218823f5c) (Version: - GameHouse)
    RehearScore (HKLM-x32\...\RehearScore) (Version: - )
    Revenge of the Spirit - Rite of Resurrection (HKLM-x32\...\am-revengeofthespiritriteofresurrection) (Version: - )
    Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    Riddles of the Past (HKLM-x32\...\60158577dff1648bd1b7caf0b14257de) (Version: - GameHouse)
    RogueKiller version 10 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 10 - Adlice Software)
    Romance of Rome (HKLM-x32\...\6130f8ce920a3dc637ec70968a293e9d) (Version: - GameHouse)
    Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
    Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
    Royal Envoy 2 (HKLM-x32\...\am-royalenvoy2) (Version: - )
    R-Studio 5.4 (HKLM-x32\...\R-Studio 5.4NSIS) (Version: 5.4.134130 - R-Tools Technology Inc.)
    Sacra Terra - Angelic Night (HKLM-x32\...\am-sacraterraangelicnight) (Version: - )
    Sacra Terra - Angelic Night Platinum Edition (HKLM-x32\...\am-sacraterraangelicnightplatinumedition) (Version: - )
    Sacra Terra - House of 1,000 Doors Platinum Bundle (HKLM-x32\...\6ecf0f0586202c8cd3200b6c3a29f8b8) (Version: - GameHouse)
    Saqqarah (HKLM-x32\...\am-saqqarah) (Version: - )
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Sherlock Holmes and The Hound of The Baskervilles (HKLM-x32\...\am-sherlockholmesandthehoundofthebaskervilles) (Version: - )
    Sherlock Holmes and the Mystery of the Persian Carpet (HKLM-x32\...\am-sherlockholmesandthemysteryofthepersiancarpet) (Version: - )
    Sister's Secrecy - Arcanum Bloodlines Premium Edition (HKLM-x32\...\am-sisterssecrecyarcanumbloodlinespremiumedition) (Version: - )
    SKIP-BO Castaway Caper(TM) (HKLM-x32\...\am-skipbocastawaycapertm) (Version: - )
    Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
    Skype™ 7.9 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.9.103 - Skype Technologies S.A.)
    Snark Busters - High Society (HKLM-x32\...\am-snarkbustershighsociety) (Version: - )
    Snark Busters 2 - All Revved Up (HKLM-x32\...\am-snarkbusters2allrevvedup) (Version: - )
    Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
    Space Legends - At the Edge of the Universe (HKLM-x32\...\bc1a5ce90cdecc0fbf435f20b2fe5407) (Version: - GameHouse)
    Spirit Walkers - Curse of the Cypress Witch (HKLM-x32\...\am-spiritwalkerscurseofthecypresswitch) (Version: - )
    Suburban Mysteries - The Labyrinth of the Past (HKLM-x32\...\am-suburbanmysteriesthelabyrinthofthepast) (Version: - )
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Syberia - Kate Walker's Adventures (HKLM-x32\...\am-syberiakatewalkersadventures) (Version: - )
    Syberia 2 - Kate Walker's Adventure Continues (HKLM-x32\...\am-syberia2katewalkersadventurecontinues) (Version: - )
    Tales From The Dragon Mountain - The Strix (HKLM-x32\...\8adc348cb23a5a28aac774e079515f4b) (Version: - GameHouse)
    Tales of Lagoona 2 - Peril at Poseidon Park (HKLM-x32\...\e5ca5ffe79cf7db4021e9324dc6e4d42) (Version: - GameHouse)
    TaxCut California 2007 (HKLM-x32\...\{5FF4A578-4588-4ACF-8317-7191FC45F3E1}) (Version: 1.07.6601 - H&R Block Digital Tax Solutions LLC.)
    TaxCut Premium 2007 (HKLM-x32\...\{4732D4A0-5A47-44D8-9B84-B3BD4906D30D}) (Version: 07.03.0000 - H & R Block)
    Temple of Life - The Legend of Four Elements (HKLM-x32\...\am-templeoflifethelegendoffourelements) (Version: - )
    Temple of Life - The Legend of Four Elements Platinum Edition (HKLM-x32\...\b827c4d2c9e4a90a0169c252694d9200) (Version: - GameHouse)
    The Book of Desires (HKLM-x32\...\am-thebookofdesires) (Version: - )
    The Fog (HKLM-x32\...\3cfdc0cf55dbf8b5527b367f75816f46) (Version: - GameHouse)
    The Gift (HKLM-x32\...\am-thegift) (Version: - gamehouse)
    The Others (HKLM-x32\...\6224652de70f36a3a2aaed2f3a267969) (Version: - GameHouse)
    The Surprising Adventures of Munchausen(TM) (HKLM-x32\...\4614e7bd103689992587ac7bb19048ab) (Version: - GameHouse)
    The Treasures of Montezuma 3 (HKLM-x32\...\am-thetreasuresofmontezuma3) (Version: - )
    The Worlds' Legends - Kashchey The Immortal (HKLM-x32\...\am-theworldslegendskashcheytheimmortal) (Version: - )
    Transcribe! 8.21 (HKLM-x32\...\Transcribe!_is1) (Version: 8.21 - Seventh String Software)
    Twisted Lands - Insomniac (HKLM-x32\...\am-twistedlandsinsomniac) (Version: - )
    Twisted Lands - Insomniac Platinum Edition (HKLM-x32\...\665fb76b1ae1cb8fbd5affdef4d9c75a) (Version: - GameHouse)
    Twisted Lands - Origin (HKLM-x32\...\am-twistedlandsorigin) (Version: - )
    Twisted Lands - Shadow Town (HKLM-x32\...\am-twistedlandsshadowtown) (Version: - )
    Typer Shark Deluxe (HKLM-x32\...\a9621caff77c46b78dc2a0047b2e57d6) (Version: - GameHouse)
    Unsolved Mystery Club® - Ancient Astronauts® Platinum Edition (HKLM-x32\...\255c1bba88fb6ecb1290390e35a9f53e) (Version: - GameHouse)
    UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
    Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
    Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VSDC Free Video Editor version 2.1.9.227 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 2.1.9.227 - Flash-Integro LLC)
    Warlock - The Curse of the Shaman (HKLM-x32\...\56ab7424e3dd1940ed4b6fdcd410804d) (Version: - GameHouse)
    Web BRAdmin (HKLM-x32\...\{C221F359-D738-4D58-8419-B7DD51C5E6DC}) (Version: 1.60.0001 - Brother)
    Weird Park - Broken Tune (HKLM-x32\...\d7d582ded28f5a1123e0015e395d1a17) (Version: - GameHouse)
    Weird Park - Scary Tales (HKLM-x32\...\a2e464c2511b2e9de52e7b41dbc19694) (Version: - GameHouse)
    Weird Park - The Final Show (HKLM-x32\...\6fd86948eb7dc0973edf679ef604f9c9) (Version: - GameHouse)
    Where Angels Cry (HKLM-x32\...\am-whereangelscry) (Version: - gamehouse)
    Whispered Stories - Sandman (HKLM-x32\...\am-whisperedstoriessandman) (Version: - )
    Whispers (HKLM-x32\...\am-whispers) (Version: - )
    White Haven Mysteries (HKLM-x32\...\am-whitehavenmysteries) (Version: - )
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
    Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
    Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
    WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
    Witch's Pranks Platinum Edition (HKLM-x32\...\7dd9501ac1a5a69b1b9128e6d58a9c17) (Version: - GameHouse)
    Wondershare Video Editor(Build 4.6.0) (HKLM-x32\...\Wondershare Video Editor_is1) (Version: - Wondershare Software)
    World Riddles - Animals (HKLM-x32\...\am-worldriddlesanimals) (Version: - )
    World Riddles - Secrets of the Ages (HKLM-x32\...\am-worldriddlessecretsoftheages) (Version: - )
    Youda Mystery - The Stanwick Legacy (HKLM-x32\...\am-youdamysterythestanwicklegacy) (Version: - )
    Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.17.116 - Zemana Ltd.)
    Zuma Deluxe (HKLM-x32\...\amg-zumadeluxe) (Version: - )

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Restore Points =========================

    Check "winmgmt" service or repair WMI.


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 19:34 - 2015-09-22 09:17 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {2213DEE5-8077-47AA-812F-0338FC2639AF} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => C:\Windows\system32\GWX\GWX.exe
    Task: {821865A2-1903-444E-88D6-C91F5329CF3C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => C:\Windows\system32\GWX\GWX.exe
    Task: {A587BBA1-BE95-4A5E-A77F-36215CFB38A6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Time-5d => C:\Windows\system32\GWX\GWX.exe
    Task: {A77266D1-9C7C-4F01-9042-6420F6B4AB76} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => C:\Windows\system32\GWX\GWX.exe
    Task: {B671F6AB-A1FD-425D-AFB5-48EFBE96895A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => C:\Windows\system32\GWX\GWX.exe

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d002017eac8b6a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f0683e6d4fd8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2014-08-02 03:18 - 2011-02-28 15:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll
    2011-08-22 15:39 - 2013-08-26 05:12 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
    2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2015-09-16 14:23 - 2015-09-05 23:43 - 00613968 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
    2015-09-13 01:19 - 2015-09-13 01:19 - 00118640 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
    2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    2014-01-16 17:15 - 2009-02-04 18:24 - 00081920 _____ () C:\Program Files (x86)\Brother\Web BRAdmin\cgi-bin\wbaagent.exe
    2014-01-16 17:15 - 2009-02-04 18:17 - 00081920 _____ () C:\Program Files (x86)\Brother\Web BRAdmin\cgi-bin\agentrcv.exe
    2014-01-16 17:15 - 2010-08-05 16:31 - 00069632 _____ () C:\Program Files (x86)\Brother\Web BRAdmin\cgi-bin\wbatimer.exe
    2015-07-14 15:23 - 2015-07-14 15:23 - 00821240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
    2015-09-16 14:23 - 2015-09-05 23:43 - 00087672 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll
    2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2015-07-14 15:22 - 2015-07-14 15:22 - 00030720 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
    2015-07-14 15:22 - 2015-07-14 15:22 - 00607016 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
    2015-07-14 15:23 - 2015-07-14 15:23 - 00059392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
    2015-07-14 15:22 - 2015-07-14 15:22 - 00035864 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
    2015-07-14 15:23 - 2015-07-14 15:23 - 00079888 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
    2015-07-14 15:24 - 2015-07-14 15:24 - 00129016 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
    2015-07-14 15:26 - 2015-07-14 15:26 - 00223240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
    2013-07-17 11:57 - 2013-07-17 11:57 - 00094208 _____ () C:\Program Files (x86)\NETGEAR\A6100\Realtek.dll
    2012-11-06 09:47 - 2012-11-06 09:47 - 00114688 _____ () C:\Program Files (x86)\NETGEAR\A6100\EnumDevLib.dll
    2014-01-16 17:25 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\.DEFAULT\...\123topsearch.com -> www.123topsearch.com
    IE restricted site: HKU\.DEFAULT\...\125sms.co.uk -> www.125sms.co.uk
    IE restricted site: HKU\.DEFAULT\...\125sms.com -> www.125sms.com
    IE restricted site: HKU\.DEFAULT\...\12w.net -> download-video.12w.net
    IE restricted site: HKU\.DEFAULT\...\132.com -> www.132.com
    IE restricted site: HKU\.DEFAULT\...\1337-crew.to -> www.1337-crew.to
    IE restricted site: HKU\.DEFAULT\...\1337crew.info -> www.1337crew.info
    IE restricted site: HKU\.DEFAULT\...\136136.net -> down.136136.net
    IE restricted site: HKU\.DEFAULT\...\150freesms.de -> www.150freesms.de
    IE restricted site: HKU\.DEFAULT\...\163ns.com -> ert0003.e76.163ns.com
    IE restricted site: HKU\.DEFAULT\...\17-plus.com -> 17-plus.com
    IE restricted site: HKU\.DEFAULT\...\171203.com -> 171203.com
    IE restricted site: HKU\.DEFAULT\...\17concepts.info -> www.17concepts.info
    IE restricted site: HKU\.DEFAULT\...\1800searchonline.com -> www.1800searchonline.com
    IE restricted site: HKU\.DEFAULT\...\180searchassistant.com -> www.180searchassistant.com
    IE restricted site: HKU\.DEFAULT\...\180solutions.com -> bis.180solutions.com
    IE restricted site: HKU\.DEFAULT\...\1987324.com -> www.1987324.com
    IE restricted site: HKU\.DEFAULT\...\1gb.ru -> people.1gb.ru
    IE restricted site: HKU\.DEFAULT\...\1ghporn.info -> www.1ghporn.info
    IE restricted site: HKU\.DEFAULT\...\1importantiamreal.com -> www.1importantiamreal.com

    There are 7866 more restricted sites.

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3797571617-2345687493-384676197-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Teresa's Laptop\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    mpsdrv Firewall Service is not running.
    MpsSvc Firewall Service is not running.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\Services: AdobeARMservice => 3
    MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
    MSCONFIG\Services: AERTFilters => 2
    MSCONFIG\Services: CLKMSVC10_9EC60124 => 2
    MSCONFIG\Services: cmdAgent => 2
    MSCONFIG\Services: ehSched => 3
    MSCONFIG\Services: EpsonCustomerParticipation => 2
    MSCONFIG\Services: FLEXnet Licensing Service => 3
    MSCONFIG\Services: GeekBuddyRSP => 2
    MSCONFIG\Services: gupdate => 3
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: gusvc => 3
    MSCONFIG\Services: MBAMScheduler => 2
    MSCONFIG\Services: MpsSvc => 2
    MSCONFIG\Services: RasAuto => 3
    MSCONFIG\Services: RasMan => 3
    MSCONFIG\Services: RealPlayerUpdateSvc => 3
    MSCONFIG\Services: RoxMediaDB12OEM => 3
    MSCONFIG\Services: RoxWatch12 => 2
    MSCONFIG\Services: seclogon => 2
    MSCONFIG\Services: SessionEnv => 3
    MSCONFIG\Services: SkypeUpdate => 3
    MSCONFIG\Services: stllssvr => 3
    MSCONFIG\Services: SysMain => 2
    MSCONFIG\Services: Updater Service for PDFLite Toolbar => 2
    MSCONFIG\Services: WPCSvc => 3
    MSCONFIG\Services: ZAMSvc => 3
    MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
    MSCONFIG\startupreg: RealDownloader => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
    MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
    MSCONFIG\startupreg: ZAM => "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /minimized

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{D290F13A-BE7D-4236-BA66-A86BF5EC7617}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
    FirewallRules: [{7814380D-39F8-441B-A1E4-9E1230834260}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe

    ==================== Faulty Device Manager Devices =============

    Could not list Devices. Check "winmgmt" service or repair WMI.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (09/22/2015 03:06:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program OUTLOOK.EXE version 14.0.7157.5000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: a08

    Start Time: 01d0f5824ab15f1e

    Termination Time: 811

    Application Path: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

    Report Id: 18aac658-6176-11e5-96f6-14feb59e107b

    Error: (09/22/2015 03:01:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program OUTLOOK.EXE version 14.0.7157.5000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 1550

    Start Time: 01d0f57aa1c6d740

    Termination Time: 0

    Application Path: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

    Report Id: 17b5b2db-6175-11e5-96f6-14feb59e107b

    Error: (09/22/2015 01:42:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program IEXPLORE.EXE version 11.0.9600.18015 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 1078

    Start Time: 01d0f57540c7da14

    Termination Time: 25

    Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    Report Id:

    Error: (09/22/2015 09:37:40 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program IEXPLORE.EXE version 11.0.9600.18015 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: d68

    Start Time: 01d0f554c2f42fe3

    Termination Time: 10

    Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    Report Id:

    Error: (09/22/2015 09:15:19 AM) (Source: VSS) (EventID: 8194) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {943b8be6-bced-4016-96b4-152d01add626}

    Error: (09/18/2015 11:02:41 AM) (Source: VSS) (EventID: 8194) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {83659df3-2301-4624-a07f-bf941b00cc56}

    Error: (09/17/2015 03:55:56 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
    Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (09/17/2015 03:55:56 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
    Description: The search service has detected corrupted data files in the index {id=4400}. The service will attempt to automatically correct this problem by rebuilding the index.

    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (09/17/2015 03:55:56 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
    Description: The index cannot be initialized.

    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (09/17/2015 03:55:56 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
    Description: The application cannot be initialized.

    Context: Windows Application

    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


    System errors:
    =============
    Error: (09/23/2015 03:02:50 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Update for Windows 7 for x64-based Systems (KB3035583).

    Error: (09/23/2015 03:02:29 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (09/22/2015 06:35:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (09/22/2015 06:25:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (09/22/2015 06:15:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (09/22/2015 06:05:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (09/22/2015 05:55:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (09/22/2015 05:45:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (09/22/2015 05:35:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (09/22/2015 05:25:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)


    CodeIntegrity:
    ===================================
    Date: 2015-09-13 03:39:20.210
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2015-09-13 03:39:20.179
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
    Percentage of memory in use: 30%
    Total physical RAM: 8086.17 MB
    Available physical RAM: 5587.41 MB
    Total Virtual: 16170.54 MB
    Available Virtual: 14020.66 MB

    ==================== Drives ================================

    Drive c: (OSDisk) (Fixed) (Total:452.09 GB) (Free:205.12 GB) NTFS ==>[drive with boot components (obtained from BCD)]
    Drive d: (Recovery) (Fixed) (Total:13.67 GB) (Free:7.25 GB) NTFS
    Drive f: (DATAPART1) (Fixed) (Total:465.76 GB) (Free:438.6 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 58EFAF19)
    Partition 1: (Active) - (Size=452.1 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0A33DD5B)
    Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
     

    Attached Files:

    Last edited by a moderator: Sep 23, 2015
  9. Malnutrition

    Malnutrition Still Hungry iHF Master Craftsman

    Joined:
    May 5, 2014
    Messages:
    1,501
    Likes Received:
    445
    Trophy Points:
    93
    Gonna run another FRST fix to clean up some rubbish, but please run this tool for me then reboot twice after and tell me how things are.

    1. Download the portable version of Windows Repair (All In One) from here, Windows Repair (All In One). (Make sure you have your computer running in a clean boot state BEFORE running repairs. If you need assistance with performing a clean boot then follow the instructions here, How to perform a clean boot in Windows)



    2. Download the portable zipped folder to your desktop.



    3. Extract the contents of the zipped folder, and then right click on the Repair_Windows.exe file and select run as administrator.



    4. After the program opens, click on the Step 3 tab and click the Do It button to have the program run Check Disk on the file system.



    [​IMG]



    5. After the computer finishes running Check Disk, start the program again and proceed to Step 4.



    6. Click on the Step 4 tab and click on the Do It button to allow the program to run the System File Checker to find and fix any corrupt Windows files.



    [​IMG].



    7. After SFC finishes, proceed to the Step 5 tab.



    8. On the Step 5 tab go ahead and create a new system restore point before starting the repair by clicking on the Create button under the System Restore area.



    [​IMG].



    9. Once that is done click on the Start Repairs tab.



    10. On the Start Repairs tab click on the Start button and select Run when prompted.



    [​IMG]



    11. The Windows Repairs window will open. Now ensure that ONLY the checkboxes in the program are checked as indicated below:



    [​IMG]



    As far as what you can not see: Make sure and tick the boxes numbered.26, 27, 31,33










    12. Then when those checkboxes are selected, click on the checkbox that says Restart System when Finished.



    13. Now click on the Start button to start the repair process.



    14. The process could take some time so please be patient.



    15. After the repair process finishes, the computer will be rebooted.



    16. See if there is any difference after performing the above steps.





    Thanks to Evan Omo for the speech.
     
  10. LadyGreenWitch

    LadyGreenWitch I'll get you my pretty, and your little log too! iHF Regular

    Joined:
    Sep 7, 2015
    Messages:
    64
    Likes Received:
    23
    Trophy Points:
    8
    Hey Mal,

    You might want to make a few tweaks to the instructions, as the repair tool instructs you to use the Repair in Safe Mode, and might have saved me over eight hours of time. Just lettin' you know, no hard feelings. :)
    I have run the repair twice, and things seem to be running more smoothly, however, I will need to tweak here and there, because it restarted Microsoft Firewall, and a few other things. But all in all well done my friend. I have run another FRST scan and please find the logs attached. Looking forward to hearing from you.

    TTFN,

    LGW

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
    Ran by Teresa's Laptop (administrator) on TERESAS (25-09-2015 22:22:56)
    Running from C:\Users\Teresa's Laptop\Desktop
    Loaded Profiles: Teresa's Laptop (Available Profiles: Teresa's Laptop)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/


    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
    (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
    (Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
    () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    (Realtek Semiconductor Corp.) C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe
    () C:\Program Files (x86)\Brother\Web BRAdmin\cgi-bin\wbaagent.exe
    () C:\Program Files (x86)\Brother\Web BRAdmin\cgi-bin\agentrcv.exe
    () C:\Program Files (x86)\Brother\Web BRAdmin\cgi-bin\wbatimer.exe
    (Qihu Software Co. Limited) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
    (NETGEAR) C:\Program Files (x86)\NETGEAR\A6100\A6100.EXE
    () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1287800 2015-09-05] (QIHU 360 SOFTWARE CO. LIMITED)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-09-10] ()

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File
    Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File
    Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File
    Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{42018084-A013-4F62-9B18-C7BC70C477EC}: [NameServer] 8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{7ACF87CE-E134-4E74-9ECC-5771258C5BAC}: [NameServer] 8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{836920ED-60BD-414C-A692-62A8663A1B06}: [NameServer] 8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{836920ED-60BD-414C-A692-62A8663A1B06}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{E4509911-4005-427E-A203-0413608D5900}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{EDD98A01-3A14-4257-90AD-04DC320B86C2}: [NameServer] 8.8.8.8,8.8.4.4

    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-3797571617-2345687493-384676197-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-3797571617-2345687493-384676197-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-3797571617-2345687493-384676197-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com
    SearchScopes: HKU\S-1-5-21-3797571617-2345687493-384676197-1002 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3797571617-2345687493-384676197-1002 -> OldDefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
    SearchScopes: HKU\S-1-5-21-3797571617-2345687493-384676197-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3797571617-2345687493-384676197-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2015-09-05] (Qihu 360 Software Co., Ltd.)
    BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-27] (RealDownloader)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-16] (Oracle Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2015-09-05] (Qihu 360 Software Co., Ltd.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-16] (Oracle Corporation)
    Toolbar: HKLM - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
    Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2012-04-26] (SEIKO EPSON CORPORATION)
    DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
    DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
    DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
    Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
    Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
    Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)

    FireFox:
    ========
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
    FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2013-04-02] (Google, Inc.)
    FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-16] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-16] (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
    FF Plugin-x32: @mozilla.zeniko.ch/PDFLite_Browser_Plugin -> C:\Program Files (x86)\PDFlite\npPdfViewer.dll [No File]
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
    FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2014-11-21] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprjplug;version=15.0.1.13 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll [2012-01-11] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-27] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.1.13 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-01-11] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.1.13 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-01-11] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpjplug;version=15.0.1.13 -> c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll [2012-01-11] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2014-11-21] (RealPlayer Cloud)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-3797571617-2345687493-384676197-1002: @mozilla.zeniko.ch/PDFLite_Browser_Plugin -> C:\Program Files (x86)\PDFlite\npPdfViewer.dll No File
    FF Plugin HKU\S-1-5-21-3797571617-2345687493-384676197-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Teresa's Laptop\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
    FF Plugin HKU\S-1-5-21-3797571617-2345687493-384676197-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Teresa's Laptop\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
    FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
    FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2012-11-16]
    FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-21]
    FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    StartMenuInternet: firefox.exe - firefox.exe

    Chrome:
    =======
    CHR StartupUrls: Default -> "hxxp://www.google.com"
    CHR Profile: C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Docs) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-22]
    CHR Extension: (Google Drive) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-22]
    CHR Extension: (YouTube) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-22]
    CHR Extension: (Google Cast) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-08-04]
    CHR Extension: (Adblock Plus) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-06]
    CHR Extension: (Google Search) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-22]
    CHR Extension: (Google Docs Offline) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-06]
    CHR Extension: (AdBlock) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-09-06]
    CHR Extension: (AllCast Receiver) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjbljnpdahefgnopeohlaeohgkiidnoe [2015-09-06]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-21]
    CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-10]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-21]
    CHR Extension: (Gmail) - C:\Users\Teresa's Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-22]
    CHR HKU\S-1-5-21-3797571617-2345687493-384676197-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
    S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [236016 2010-10-26] (CyberLink)
    S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2012-10-18] (Macrovision Europe Ltd.) [File not signed]
    R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
    R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)
    S4 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
    R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
    S4 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
    R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [859768 2015-09-05] (QIHU 360 SOFTWARE CO. LIMITED)
    R2 Realtek8723AU; C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe [45784 2013-07-02] (Realtek Semiconductor Corp.)
    R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
    R2 WBA_Agent_Client_Service; C:\Program Files (x86)\Brother\Web BRAdmin\cgi-bin\wbaagent.exe [81920 2009-02-04] () [File not signed]
    R2 WBA_Agent_Receiver; C:\Program Files (x86)\Brother\Web BRAdmin\cgi-bin\agentrcv.exe [81920 2009-02-04] () [File not signed]
    R2 WBA_Scheduler; C:\Program Files (x86)\Brother\Web BRAdmin\cgi-bin\wbatimer.exe [69632 2010-08-05] () [File not signed]
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
    S3 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [12326768 2015-08-30] (Zemana Ltd.)
    S3 ogmservice; "C:\Program Files (x86)\Online Games Manager\ogmservice.exe" --service-run [X]

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [137296 2015-09-05] (360.cn)
    R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77904 2015-09-05] (360.cn)
    R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [319568 2015-09-05] (360.cn)
    R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-09-05] (360.cn)
    R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [363088 2015-09-05] (360.cn)
    R3 A6100; C:\Windows\System32\DRIVERS\A6100.sys [2944216 2013-07-08] (Realtek Semiconductor Corporation )
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [178768 2015-09-05] (360.cn)
    S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
    R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-12-18] (NVIDIA Corporation)
    R1 ZAM; C:\Windows\System32\drivers\zam64.sys [109432 2015-09-13] (Zemana Ltd.)
    R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [109432 2015-09-13] (Zemana Ltd.)
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-09-25 22:14 - 2015-09-25 22:15 - 00050268 _____ C:\Users\Teresa's Laptop\Desktop\Addition.txt
    2015-09-25 22:13 - 2015-09-25 22:22 - 00020600 _____ C:\Users\Teresa's Laptop\Desktop\FRST.txt
    2015-09-25 17:38 - 2015-09-25 20:37 - 05347480 _____ C:\Windows\system32\FNTCACHE.DAT
    2015-09-25 01:33 - 2015-09-25 01:33 - 00000207 _____ C:\Windows\tweaking.com-regbackup-TERESAS-Windows-7-Home-Premium-(64-bit).dat
    2015-09-25 01:32 - 2015-09-25 01:32 - 00000000 ____D C:\RegBackup
    2015-09-25 00:58 - 2015-09-25 03:01 - 00000000 ___SD C:\Windows\SysWOW64\GWX
    2015-09-25 00:58 - 2015-09-25 03:01 - 00000000 ___SD C:\Windows\system32\GWX
    2015-09-24 13:30 - 2015-09-24 13:30 - 00002165 _____ C:\Users\Teresa's Laptop\Desktop\Tweaking.com - Windows Repair.lnk
    2015-09-24 13:29 - 2015-09-25 17:35 - 00003674 _____ C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
    2015-09-24 13:29 - 2015-09-24 13:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2015-09-24 13:29 - 2015-09-24 13:29 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
    2015-09-23 18:36 - 2015-09-23 18:36 - 00000017 _____ C:\Users\Teresa's Laptop\AppData\Local\resmon.resmoncfg
    2015-09-22 13:59 - 2015-09-23 18:11 - 00000000 ____D C:\ProgramData\Trymedia
    2015-09-21 11:01 - 2015-09-23 09:48 - 02192384 _____ (Farbar) C:\Users\Teresa's Laptop\Desktop\FRST64.exe
    2015-09-18 11:29 - 2015-01-06 20:15 - 00104896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
    2015-09-18 11:29 - 2015-01-06 20:10 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
    2015-09-18 11:29 - 2015-01-06 19:44 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
    2015-09-18 11:29 - 2015-01-06 18:49 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
    2015-09-18 11:29 - 2015-01-06 18:48 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
    2015-09-18 10:55 - 2015-09-25 20:36 - 00000840 _____ C:\Windows\setupact.log
    2015-09-18 10:55 - 2015-09-18 10:55 - 00000000 _____ C:\Windows\setuperr.log
    2015-09-18 10:54 - 2015-09-25 17:38 - 00005702 _____ C:\Windows\PFRO.log
    2015-09-17 17:49 - 2015-09-17 17:49 - 00000461 _____ C:\Users\Teresa's Laptop\Documents\response to idiot on Chris' post.txt
    2015-09-17 15:28 - 2015-09-17 16:36 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Local\PrivaZer
    2015-09-17 15:28 - 2015-09-17 15:28 - 00001903 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk
    2015-09-17 15:28 - 2015-09-17 15:28 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer
    2015-09-17 15:28 - 2015-09-17 15:28 - 00000000 ____D C:\ProgramData\privazer
    2015-09-17 15:28 - 2015-09-17 15:28 - 00000000 ____D C:\Program Files (x86)\PrivaZer
    2015-09-17 14:58 - 2015-09-17 14:58 - 00001082 _____ C:\Users\Teresa's Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wunderlist.lnk
    2015-09-17 14:58 - 2015-09-17 14:58 - 00001074 _____ C:\Users\Teresa's Laptop\Desktop\Wunderlist.lnk
    2015-09-17 14:57 - 2015-09-17 15:16 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Local\Wunderlist
    2015-09-17 14:57 - 2015-09-17 14:58 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wunderlist
    2015-09-16 19:18 - 2015-09-23 09:48 - 00000000 ____D C:\Users\Teresa's Laptop\Desktop\FRST-OlderVersion
    2015-09-16 14:24 - 2015-09-23 10:52 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Roaming\360safe
    2015-09-16 14:24 - 2015-09-16 14:55 - 00000000 ____D C:\ProgramData\360Quarant
    2015-09-16 14:24 - 2015-09-16 14:24 - 00000000 ____D C:\Windows\Tasks\360Disabled
    2015-09-16 14:24 - 2015-09-16 14:24 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Roaming\360TotalSecurity
    2015-09-16 14:23 - 2015-09-23 13:44 - 00000000 _RSHD C:\360SANDBOX
    2015-09-16 14:23 - 2015-09-16 14:24 - 00000000 ____D C:\ProgramData\360TotalSecurity
    2015-09-16 14:23 - 2015-09-16 14:24 - 00000000 ____D C:\ProgramData\360safe
    2015-09-16 14:23 - 2015-09-16 14:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
    2015-09-16 14:23 - 2015-09-05 23:43 - 00363088 _____ (360.cn) C:\Windows\system32\Drivers\360fsflt.sys
    2015-09-16 14:23 - 2015-09-05 23:43 - 00319568 _____ (360.cn) C:\Windows\system32\Drivers\360Box64.sys
    2015-09-16 14:23 - 2015-09-05 23:43 - 00178768 _____ (360.cn) C:\Windows\system32\Drivers\BAPIDRV64.SYS
    2015-09-16 14:23 - 2015-09-05 23:43 - 00137296 _____ (360.cn) C:\Windows\system32\Drivers\360AntiHacker64.sys
    2015-09-16 14:23 - 2015-09-05 23:43 - 00077904 _____ (360.cn) C:\Windows\system32\Drivers\360AvFlt.sys
    2015-09-16 14:23 - 2015-09-05 23:43 - 00040520 _____ (360.cn) C:\Windows\system32\Drivers\360Camera64.sys
    2015-09-16 14:22 - 2015-09-16 14:22 - 00000000 ____D C:\Program Files (x86)\360
    2015-09-16 04:06 - 2015-09-16 04:06 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Roaming\Sun
    2015-09-16 04:06 - 2015-09-16 04:06 - 00000000 ____D C:\Users\Teresa's Laptop\.oracle_jre_usage
    2015-09-16 04:05 - 2015-09-16 04:05 - 00000000 ____D C:\Program Files (x86)\Java
    2015-09-16 03:12 - 2015-09-16 03:34 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d002017eac8b6a.job
    2015-09-16 03:12 - 2015-09-16 03:12 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f0683e6d4fd8.job
    2015-09-14 18:31 - 2015-09-14 18:31 - 00000932 _____ C:\Users\Teresa's Laptop\Desktop\HD Tune.lnk
    2015-09-14 18:31 - 2015-09-14 18:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
    2015-09-14 18:31 - 2015-09-14 18:31 - 00000000 ____D C:\Program Files (x86)\HD Tune
    2015-09-14 12:02 - 2015-09-14 18:14 - 00000000 ____D C:\Users\Teresa's Laptop\Documents\Skin Care Tips
    2015-09-13 16:16 - 2015-09-13 17:20 - 00000000 ____D C:\Users\Teresa's Laptop\Documents\iHelpForum
    2015-09-13 04:31 - 2015-09-13 12:09 - 00000000 ____D C:\Users\Teresa's Laptop\Desktop\mbar
    2015-09-13 03:52 - 2015-09-13 03:52 - 00032844 _____ C:\ComboFix.txt
    2015-09-13 01:19 - 2015-09-13 01:19 - 00109432 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
    2015-09-13 01:19 - 2015-09-13 01:19 - 00109432 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
    2015-09-13 01:19 - 2015-09-13 01:19 - 00001154 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
    2015-09-13 01:19 - 2015-09-13 01:19 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Local\Zemana
    2015-09-13 01:19 - 2015-09-13 01:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
    2015-09-13 01:19 - 2015-09-13 01:19 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
    2015-09-13 00:51 - 2015-09-13 00:51 - 00000000 ____D C:\Users\Teresa's Laptop\.android
    2015-09-12 23:31 - 2015-09-13 01:04 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
    2015-09-12 23:31 - 2015-09-12 23:31 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
    2015-09-12 23:04 - 2015-09-12 23:04 - 00060396 _____ C:\Users\Teresa's Laptop\Desktop\CisReport_x64_v8.2.0.4703_20150912-230234.zip
    2015-09-12 20:53 - 2015-09-12 20:53 - 02019656 _____ (Bleeping Computer, LLC) C:\Users\Teresa's Laptop\Desktop\rkill.exe
    2015-09-12 20:52 - 2015-09-12 20:52 - 05635119 ____R (Swearware) C:\Users\Teresa's Laptop\Desktop\ComboFix.exe
    2015-09-12 20:50 - 2015-09-12 20:51 - 16563304 _____ (Malwarebytes Corp.) C:\Users\Teresa's Laptop\Desktop\mbar-1.09.2.1008.exe
    2015-09-12 18:28 - 2015-09-25 20:44 - 01682147 _____ C:\Windows\WindowsUpdate.log
    2015-09-12 17:43 - 2015-09-25 17:29 - 00000008 __RSH C:\Users\Teresa's Laptop\ntuser.pol
    2015-09-12 17:39 - 2015-09-12 17:12 - 00024064 _____ C:\Windows\zoek-delete.exe
    2015-09-12 17:36 - 2015-09-12 17:46 - 00000000 ____D C:\zoek
    2015-09-12 17:18 - 2015-09-12 16:04 - 00000113 _____ C:\zoek-results2015-09-12-230423.log
    2015-09-12 15:41 - 2015-09-12 17:37 - 00000000 ____D C:\zoek_backup
    2015-09-12 00:30 - 2015-08-29 16:52 - 00000788 _____ C:\Users\Teresa's Laptop\Desktop\CCleaner.lnk
    2015-09-12 00:30 - 2014-06-19 22:12 - 00002126 _____ C:\Users\Teresa's Laptop\Desktop\Belarc Advisor.lnk
    2015-09-11 19:55 - 2015-09-11 19:56 - 22727240 _____ C:\Users\Teresa's Laptop\Downloads\RogueKillerX64 (1).exe
    2015-09-11 16:39 - 2015-09-11 16:54 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Roaming\ZHP
    2015-09-11 14:56 - 2015-09-11 14:56 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Roaming\9-lab
    2015-09-11 14:56 - 2015-09-11 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\9-lab Removal Tool
    2015-09-11 14:56 - 2015-09-11 14:56 - 00000000 ____D C:\ProgramData\9-lab
    2015-09-11 14:56 - 2015-09-11 14:56 - 00000000 ____D C:\Program Files\9-lab
    2015-09-11 13:06 - 2015-09-13 04:34 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-09-11 13:06 - 2015-09-13 04:33 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
    2015-09-11 13:06 - 2015-09-11 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-09-11 13:06 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2015-09-11 13:06 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2015-09-10 11:51 - 2015-09-10 11:51 - 00002009 _____ C:\Users\Teresa's Laptop\Desktop\Eula.txt
    2015-09-09 19:38 - 2015-09-09 19:39 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2015-09-09 19:38 - 2015-09-09 19:39 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
    2015-09-09 19:38 - 2015-09-09 19:39 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
    2015-09-09 19:38 - 2015-08-05 10:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2015-09-09 19:38 - 2015-07-14 20:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2015-09-09 19:38 - 2015-07-14 19:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-09-09 19:37 - 2015-09-09 19:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-09-09 19:37 - 2015-09-09 19:37 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-09-09 19:37 - 2015-09-09 19:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00417064 _____ () C:\Users\Teresa's Laptop\Downloads\dellsystemdetectlauncher.exe
    2015-09-09 19:37 - 2015-09-09 19:37 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-09-09 19:37 - 2015-09-09 19:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2015-09-09 19:37 - 2015-09-09 19:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-09-09 19:37 - 2015-09-09 19:37 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
    2015-09-09 19:37 - 2015-08-17 18:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-09-09 19:37 - 2015-08-17 18:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-09-09 19:37 - 2015-08-14 23:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-09-09 19:37 - 2015-08-14 23:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-09-09 19:37 - 2015-08-14 23:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-09-09 19:37 - 2015-08-14 23:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-09-09 19:37 - 2015-08-14 23:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-09-09 19:37 - 2015-08-14 23:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-09-09 19:37 - 2015-08-14 22:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2015-09-09 19:37 - 2015-08-14 22:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-09-09 19:37 - 2015-08-14 22:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-09-09 19:37 - 2015-08-14 22:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2015-09-09 19:37 - 2015-08-14 22:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2015-09-09 19:37 - 2015-08-14 22:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2015-09-09 19:37 - 2015-08-14 22:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2015-09-09 19:37 - 2015-08-14 22:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2015-09-09 19:37 - 2015-08-14 22:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-09-09 19:37 - 2015-08-14 22:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-09-09 19:37 - 2015-08-14 22:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-09-09 19:37 - 2015-08-14 22:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-09-09 19:37 - 2015-08-14 22:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-09-09 19:37 - 2015-08-14 21:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-09-09 19:37 - 2015-08-14 21:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-09-09 19:37 - 2015-08-14 21:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-09-09 19:37 - 2015-07-09 10:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
    2015-09-09 19:37 - 2015-07-09 10:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
    2015-09-09 19:37 - 2015-07-09 10:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
    2015-09-09 19:37 - 2015-07-09 10:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
    2015-09-09 19:35 - 2015-09-09 19:35 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-09-09 19:35 - 2015-09-09 19:35 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-09-09 19:35 - 2015-09-09 19:35 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-09-09 19:35 - 2015-09-09 19:35 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2015-09-09 19:35 - 2015-09-09 19:35 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2015-09-09 19:35 - 2015-09-09 19:35 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2015-09-09 19:35 - 2015-09-09 19:35 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2015-09-09 19:35 - 2015-09-09 19:35 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2015-09-09 19:34 - 2015-09-09 19:35 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-09-09 19:34 - 2015-09-09 19:35 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2015-09-09 19:34 - 2015-09-09 19:35 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2015-09-09 19:34 - 2015-09-09 19:34 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-09-09 19:34 - 2015-09-09 19:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2015-09-09 19:34 - 2015-09-09 19:34 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2015-09-09 19:34 - 2015-09-09 19:34 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-09-09 19:34 - 2015-09-09 19:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2015-09-09 19:34 - 2015-09-09 19:34 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2015-09-09 19:34 - 2015-09-09 19:34 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-09-09 19:34 - 2015-09-09 19:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-09-09 19:34 - 2015-09-09 19:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2015-09-09 19:34 - 2015-09-09 19:34 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-09-09 19:34 - 2015-09-09 19:34 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2015-09-09 19:34 - 2015-09-09 19:34 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2015-09-09 19:34 - 2015-09-09 19:34 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2015-09-09 19:34 - 2015-09-09 19:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2015-09-09 19:33 - 2015-09-09 19:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2015-09-09 19:33 - 2015-09-09 19:33 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2015-09-09 19:33 - 2015-09-09 19:33 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2015-09-09 19:33 - 2015-09-09 19:33 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
    2015-09-09 19:26 - 2015-09-09 19:26 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2015-09-09 19:26 - 2015-09-09 19:26 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2015-09-09 19:26 - 2015-09-09 19:26 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2015-09-09 19:26 - 2015-09-09 19:26 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2015-09-09 19:26 - 2015-09-09 19:26 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
    2015-09-09 19:26 - 2015-09-09 19:26 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
    2015-09-09 19:26 - 2015-09-09 19:26 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
    2015-09-09 19:26 - 2015-09-09 19:26 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
    2015-09-09 19:24 - 2015-09-09 19:24 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2015-09-09 19:24 - 2015-09-09 19:24 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2015-09-09 19:24 - 2015-09-09 19:24 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2015-09-09 19:24 - 2015-09-09 19:24 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
    2015-09-09 19:24 - 2015-09-09 19:24 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2015-09-09 19:24 - 2015-09-09 19:24 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2015-09-09 19:24 - 2015-09-09 19:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2015-09-09 19:24 - 2015-09-09 19:24 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2015-09-09 19:24 - 2015-09-09 19:24 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2015-09-09 19:23 - 2015-09-09 19:23 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-09-09 19:23 - 2015-09-09 19:23 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2015-09-09 19:23 - 2015-09-09 19:23 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2015-09-09 19:23 - 2015-09-09 19:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2015-09-09 19:23 - 2015-09-09 19:23 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
    2015-09-09 19:23 - 2015-09-09 19:23 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
    2015-09-07 19:44 - 2015-09-07 19:44 - 00000000 ____D C:\Program Files\Common Files\AV
    2015-09-07 19:44 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
    2015-09-07 19:39 - 2015-09-07 19:39 - 00023181 _____ C:\Users\Teresa's Laptop\Desktop\dds.txt
    2015-09-06 12:22 - 2015-04-23 01:07 - 00450688 _____ C:\Windows\system32\Drivers\etc\hosts.20150906-122258.backup
    2015-09-04 23:04 - 2015-09-04 23:04 - 00000025 _____ C:\Users\Teresa's Laptop\Desktop\Artist Studio contact for Anthony.txt
    2015-09-01 13:20 - 2015-09-01 13:20 - 00000000 ____D C:\Users\Teresa's Laptop\Tracing
    2015-09-01 13:19 - 2015-09-01 13:19 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Local\Skype
    2015-09-01 13:18 - 2015-09-01 13:18 - 00002697 _____ C:\Users\Public\Desktop\Skype.lnk
    2015-09-01 13:18 - 2015-09-01 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-09-25 22:22 - 2014-05-08 00:11 - 00000000 ____D C:\FRST
    2015-09-25 21:40 - 2009-07-13 21:45 - 00028528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-09-25 21:40 - 2009-07-13 21:45 - 00028528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-09-25 20:42 - 2009-07-13 22:13 - 00819204 _____ C:\Windows\system32\PerfStringBackup.INI
    2015-09-25 20:39 - 2015-08-09 14:37 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Local\HTC MediaHub
    2015-09-25 20:39 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\inetsrv
    2015-09-25 20:36 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-09-25 20:31 - 2009-07-13 19:34 - 00000549 _____ C:\Windows\win.ini
    2015-09-25 20:23 - 2011-09-28 21:16 - 00819204 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
    2015-09-25 17:35 - 2014-06-10 14:49 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Local\CrashDumps
    2015-09-25 17:29 - 2011-06-27 16:21 - 00000000 ____D C:\Users\Teresa's Laptop
    2015-09-25 17:24 - 2012-02-07 18:23 - 00003160 _____ C:\Windows\System32\Tasks\SidebarExecute
    2015-09-25 17:23 - 2009-07-13 19:34 - 00000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_236
    2015-09-24 13:44 - 2011-06-17 01:47 - 00000000 ____D C:\ProgramData\Sonic
    2015-09-24 13:31 - 2013-11-01 14:25 - 00000000 ____D C:\Windows\pss
    2015-09-23 14:34 - 2012-04-25 16:13 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-09-23 14:34 - 2011-06-27 16:36 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-09-23 14:33 - 2012-09-13 18:10 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Local\Adobe
    2015-09-23 13:50 - 2011-06-17 04:27 - 00000000 ____D C:\Windows\Panther
    2015-09-23 13:38 - 2011-06-27 16:22 - 00001419 _____ C:\Users\Teresa's Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2015-09-22 09:17 - 2009-07-13 19:34 - 00000035 _____ C:\Windows\system32\Drivers\etc\hosts_bak_245
    2015-09-18 11:20 - 2013-11-06 17:05 - 00000000 ____D C:\ProgramData\Adobe
    2015-09-17 15:56 - 2011-06-17 01:36 - 00000000 ____D C:\Windows\SoftwareDistributionOld
    2015-09-16 19:19 - 2013-09-23 01:29 - 00000000 ____D C:\Program Files (x86)\Online Games Manager
    2015-09-16 15:17 - 2013-12-19 00:05 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Local\Apps\2.0
    2015-09-16 15:13 - 2014-06-25 13:18 - 00000000 ____D C:\ProgramData\NVIDIA
    2015-09-16 15:10 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF
    2015-09-16 14:42 - 2012-10-03 15:23 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Roaming\Skype
    2015-09-16 04:30 - 2014-11-11 15:12 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
    2015-09-16 04:08 - 2014-06-24 15:33 - 00000000 ____D C:\ProgramData\Oracle
    2015-09-16 04:06 - 2014-06-24 15:32 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2015-09-16 04:06 - 2014-01-10 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
    2015-09-16 04:06 - 2014-01-10 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2015-09-16 03:26 - 2012-01-19 17:08 - 00000000 ____D C:\Program Files\CCleaner
    2015-09-13 12:09 - 2013-11-05 17:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2015-09-13 03:52 - 2015-04-07 18:25 - 00000000 ____D C:\Users\Theo
    2015-09-13 03:52 - 2015-03-31 18:40 - 00000000 ____D C:\Users\TEMP.TERESAS
    2015-09-13 03:52 - 2015-03-29 18:58 - 00000000 ____D C:\Users\TEMP
    2015-09-13 03:52 - 2013-11-02 01:22 - 00000000 ____D C:\Qoobox
    2015-09-13 03:49 - 2013-11-02 00:25 - 00000000 ____D C:\Windows\erdnt
    2015-09-13 03:43 - 2009-07-13 19:34 - 00000215 _____ C:\Windows\system.ini
    2015-09-13 03:41 - 2009-07-13 22:08 - 00032540 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2015-09-13 01:02 - 2012-04-07 10:49 - 00000000 ____D C:\Users\Teresa's Laptop\Desktop\Protection Software
    2015-09-13 00:51 - 2011-07-29 19:23 - 00000000 ____D C:\ProgramData\Comodo
    2015-09-13 00:45 - 2011-07-29 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
    2015-09-13 00:33 - 2011-07-29 19:27 - 00000000 ____D C:\ProgramData\AVAST Software
    2015-09-13 00:04 - 2014-05-06 14:51 - 00000000 ____D C:\Users\Teresa's Laptop\Desktop\Computer Cleaning Tools
    2015-09-12 19:55 - 2014-08-02 03:20 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Roaming\PrimoPDF
    2015-09-12 17:47 - 2015-08-09 15:37 - 00000000 ___RD C:\Users\Teresa's Laptop\Google Drive
    2015-09-12 17:37 - 2009-07-13 20:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
    2015-09-12 17:37 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
    2015-09-11 17:42 - 2014-11-06 14:59 - 00000000 ____D C:\AdwCleaner
    2015-09-11 13:06 - 2013-10-04 01:47 - 00000000 ____D C:\ProgramData\Malwarebytes
    2015-09-10 11:31 - 2010-11-21 00:17 - 00000000 ____D C:\Program Files\Windows Journal
    2015-09-10 11:31 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
    2015-09-10 03:59 - 2011-07-22 16:29 - 00000000 ____D C:\ProgramData\Microsoft Help
    2015-09-10 03:56 - 2013-09-24 14:41 - 00000000 ____D C:\Windows\system32\MRT
    2015-09-09 21:55 - 2013-12-19 00:05 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Local\Deployment
    2015-09-09 19:40 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\servicing
    2015-09-09 19:39 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
    2015-09-09 19:37 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration
    2015-09-09 19:33 - 2011-07-25 17:44 - 00000000 ____D C:\ProgramData\Real
    2015-09-07 22:12 - 2014-05-15 20:42 - 00000000 ____D C:\Users\Teresa's Laptop\Documents\Registry Backups
    2015-09-07 19:01 - 2015-06-22 17:14 - 00000000 ____D C:\Users\Teresa's Laptop\AppData\Local\Google
    2015-09-04 17:06 - 2015-07-21 13:51 - 00002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2015-09-01 13:18 - 2012-10-03 15:23 - 00000000 ___RD C:\Program Files (x86)\Skype
    2015-09-01 13:18 - 2012-10-03 15:23 - 00000000 ____D C:\ProgramData\Skype
    2015-08-26 18:37 - 2011-06-29 18:47 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

    ==================== Files in the root of some directories =======

    2015-09-23 18:36 - 2015-09-23 18:36 - 0000017 _____ () C:\Users\Teresa's Laptop\AppData\Local\resmon.resmoncfg

    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-10-26 14:15

    ==================== End of FRST.txt ============================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:23-09-2015
    Ran by Teresa's Laptop (2015-09-25 22:23:17)
    Running from C:\Users\Teresa's Laptop\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) (2011-06-27 23:21:37)
    Boot Mode: Normal

    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3797571617-2345687493-384676197-500 - Administrator - Enabled)
    Guest (S-1-5-21-3797571617-2345687493-384676197-501 - Limited - Disabled)
    Teresa's Laptop (S-1-5-21-3797571617-2345687493-384676197-1002 - Administrator - Enabled) => C:\Users\Teresa's Laptop
    UpdatusUser (S-1-5-21-3797571617-2345687493-384676197-1004 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: 360 Total Security (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
    AS: 360 Total Security (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    1 Moment of Time - Silentville (HKLM-x32\...\76bb0c5f123df111854d819e602a0672) (Version: - GameHouse)
    360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 7.6.0.1028 - 360 Security Center)
    64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
    7 Roses - A Darkness Rises (HKLM-x32\...\0151dde2ba9f10c1696d65886214c3b9) (Version: - GameHouse)
    7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version: - )
    9-lab Removal Tool (HKLM-x32\...\9-lab Removal Tool) (Version: - )
    A Gypsy's Tale - The Tower of Secrets (HKLM-x32\...\am-agypsystalethetowerofsecrets) (Version: - )
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated)
    Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
    Adobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
    Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
    Alex Hunter - Lord of the Mind Platinum Edition (HKLM-x32\...\6be58c3ab163588dfb4128f4c309e8fe) (Version: - GameHouse)
    Amazing Adventures Riddle of the Two Knights(TM) (HKLM-x32\...\am-amazingadventuresriddleofthetwoknightstm) (Version: - )
    Ancient Secrets (HKLM-x32\...\1593835cce3d171de60d548bab02d4ce) (Version: - GameHouse)
    APKF 1.8.1 (HKLM-x32\...\APKF_is1) (Version: - Nsasoft LLC.)
    Apothecarium & Sister's Secrecy Bundle (HKLM-x32\...\5e70c28901a9c0edcd166b04cb7ccccc) (Version: - GameHouse)
    Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
    Arizona Rose and the Pirates' Riddles (HKLM-x32\...\am-arizonaroseandthepiratesriddles) (Version: - )
    Around the World in 80 Days (HKLM-x32\...\am-aroundtheworldin80days) (Version: - )
    Azkend 2 - The World Beneath (HKLM-x32\...\am-azkend2theworldbeneath) (Version: - )
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
    Brink of Consciousness - Dorian Gray Syndrome (HKLM-x32\...\am-brinkofconsciousnessdoriangraysyndrome) (Version: - )
    Campfire Legends - The Babysitter (HKLM-x32\...\am-campfirelegendsthebabysitter) (Version: - )
    Caveman Physics (HKLM-x32\...\am-cavemanphysics) (Version: - )
    CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
    Celtic Lore - Sidhe Hills (HKLM-x32\...\am-celticloresidhehills) (Version: - )
    ChromecastApp (HKU\S-1-5-21-3797571617-2345687493-384676197-1002\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
    Chronicle Keepers - The Dreaming Garden (HKLM-x32\...\75fa100d12b40a256ec7fdbb104b786a) (Version: - GameHouse)
    Criminal Minds (HKLM-x32\...\am-criminalminds) (Version: - )
    CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3426 - CyberLink Corp.)
    Dark Romance - Vampire in Love Platinum Edition (HKLM-x32\...\769dd07073f57b0130eb9521878804bf) (Version: - GameHouse)
    Dark Sisterhood - The Initiation (HKLM-x32\...\167031fa2b48acbc75a43484e6a2c878) (Version: - GameHouse)
    Dark Strokes - Sins of the Fathers (HKLM-x32\...\am-darkstrokessinsofthefathers) (Version: - )
    Dell System Detect (HKU\S-1-5-21-3797571617-2345687493-384676197-1002\...\73f463568823ebbe) (Version: 6.6.0.1 - Dell)
    Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
    Demon Hunter 2 - A New Chapter Platinum Edition (HKLM-x32\...\de6c05bbf80d33df86473fd2e05be277) (Version: - GameHouse)
    DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
    Doctor Who, Episode 5 - The Gunpowder Plot (HKLM-x32\...\am-doctorwhoepisode5thegunpowderplot) (Version: - )
    Download Navigator (HKLM-x32\...\{3A3A3B34-6EA2-4031-8580-D66D29533E89}) (Version: 3.4.0 - SEIKO EPSON CORPORATION)
    Dracula - Love Kills (HKLM-x32\...\am-draculalovekills) (Version: - )
    Dragon Keeper (HKLM-x32\...\am-dragonkeeper) (Version: - )
    Dragon Keeper 2 (HKLM-x32\...\am-dragonkeeper2) (Version: - )
    DragonStone (HKLM-x32\...\am-dragonstone) (Version: - )
    Drawn® - The Painted Tower ™ (HKLM-x32\...\84b0bc7767c62d66493908b14ede2329) (Version: - GameHouse)
    Dream Chronicles(R) - The Book of Water(TM) (HKLM-x32\...\am-dreamchroniclesrthebookofwatertm) (Version: - )
    Dream Mysteries - Case of the Red Fox (HKLM-x32\...\am-dreammysteriescaseoftheredfox) (Version: - )
    Dreamland Extended Edition (HKLM-x32\...\am-dreamlandextendededition) (Version: - )
    Echoes of Sorrow 2 (HKLM-x32\...\a7dee3827e44ee815edf3b5436fee84c) (Version: - GameHouse)
    Empress of the Deep 2 - Song of the Blue Whale (HKLM-x32\...\am-empressofthedeep2songofthebluewhale) (Version: - )
    Entwined - Strings of Deception (HKLM-x32\...\am-entwinedstringsofdeception) (Version: - )
    Epson Connect (HKLM-x32\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version: - )
    Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
    Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
    Epson E-Web Print (HKLM-x32\...\{4A5404DC-D8A5-455E-96D0-9F142DAACAE7}) (Version: 1.14.0000 - SEIKO EPSON CORPORATION)
    EPSON NX430 Series Printer Uninstall (HKLM\...\EPSON NX430 Series) (Version: - SEIKO EPSON Corporation)
    EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
    eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
    ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer)
    ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
    Esoterica - Hollow Earth (HKLM-x32\...\d1d2c0e8210eac5d61c5f43359ed893d) (Version: - GameHouse)
    Exorcist 2 (HKLM-x32\...\am-exorcist2) (Version: - )
    Fairy Godmother Tycoon (HKLM-x32\...\am-fairygodmothertycoon) (Version: - )
    Fall of the New Age Platinum Edition (HKLM-x32\...\e36f6da53e0e09365fbba55852297c84) (Version: - GameHouse)
    FedEx Office Printer (HKLM-x32\...\{5B9AC19C-8519-43A1-9578-49CDA1366E66}) (Version: 1.0.010 - FedEx Office)
    Feeding Frenzy (HKLM-x32\...\am-feedingfrenzy) (Version: - )
    Fiction Fixers - The Curse of Oz (HKLM-x32\...\am-fictionfixersthecurseofoz) (Version: - )
    Fill and Cross Pirate Riddles 2 (HKLM-x32\...\c7aa2b48eeff381703f42eb9fdb1f427) (Version: - GameHouse)
    Free Alarm Clock 3.1.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 3.1 - Comfort Software Group)
    Free Desktop Timer 1.2 (HKLM-x32\...\Free Desktop Timer_is1) (Version: - Drive Software Company)
    GameHouse Solitaire Challenge (HKLM-x32\...\amg-gamehousesolitairechallenge) (Version: - )
    GeekBuddy (HKLM-x32\...\{741FC38C-2797-4AC1-AD63-4B65F9CA8B20}) (Version: 4.9.73 - Comodo Security Solutions Inc)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
    Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
    Graven - The Purple Moon Prophecy (HKLM-x32\...\58db15ca4f0151125871bd314c3ab4f1) (Version: - GameHouse)
    Green Moon (HKLM-x32\...\am-greenmoon) (Version: - )
    H&R Block California 2009 (HKLM-x32\...\{F4898C08-90A2-431C-BCE5-87866531D05B}) (Version: 1.09.3601 - HRB Technology, LLC.)
    H&R Block California 2010 (HKLM-x32\...\{9FBDF580-E37F-4DEE-8F2E-75A8E8716AAD}) (Version: 1.10.4801 - HRB Technology, LLC.)
    H&R Block California 2011 (HKLM-x32\...\{10894714-E82E-4371-9CF7-F58E352C76EA}) (Version: 1.11.5001 - HRB Technology, LLC.)
    H&R Block California 2012 (HKLM-x32\...\{E040F1EC-82A9-4950-AAFE-55762AB59590}) (Version: 1.12.7501 - HRB Technology, LLC.)
    H&R Block California 2013 (HKLM-x32\...\{FA9B4B45-B7F0-47A4-894B-19BBF8829FE2}) (Version: 1.13.6901 - HRB Technology, LLC.)
    H&R Block Deluxe + Efile + State 2009 (HKLM-x32\...\{53A19323-917A-4822-B27E-A57D1EF6E9FC}) (Version: 09.04.7101 - HRB Technology, LLC.)
    H&R Block Deluxe + Efile + State 2011 (HKLM-x32\...\{C6006AED-E5A7-4F77-BAD5-95AC43DE04F3}) (Version: 11.05.7102 - HRB Technology, LLC.)
    H&R Block Deluxe + Efile + State 2012 (HKLM-x32\...\{89D20029-0578-4D8D-979A-695C8D868868}) (Version: 12.05.7803 - HRB Technology, LLC.)
    H&R Block Deluxe + Efile + State 2013 (HKLM-x32\...\{EDE796DE-0A72-464D-9D21-F04BC41A092B}) (Version: 13.05.7601 - HRB Technology, LLC.)
    H&R Block Premium + Efile + State 2010 (HKLM-x32\...\{529A52D1-5521-436B-83AB-1322780DCDAD}) (Version: 10.06.6402 - HRB Technology, LLC.)
    H&R Block Premium + Efile + State 2014 (HKLM-x32\...\{CDB1D329-A168-427D-837C-2075CDD3DC62}) (Version: 14.07.7401 - HRB Technology, LLC.)
    Haunted Past - Realm of Ghosts (HKLM-x32\...\am-hauntedpastrealmofghosts) (Version: - )
    HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
    Heroes of Hellas 3 - Athens (HKLM-x32\...\am-heroesofhellas3athens) (Version: - gamehouse)
    Hidden Magic (HKLM-x32\...\am-hiddenmagic) (Version: - )
    Hidden Object 5 in 1 Bundle (HKLM-x32\...\c7844ffd5e74b2a4c65e29d87f8da8fb) (Version: - GameHouse)
    Hide & Secret - The Lost World (HKLM-x32\...\am-hidesecretthelostworld) (Version: - )
    Hide & Secret (HKLM-x32\...\am-hidesecret) (Version: - )
    Hide & Secret 3 - Pharaoh's Quest (HKLM-x32\...\am-hidesecret3pharaohsquest) (Version: - )
    HL-2270DW (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
    Hotel (HKLM-x32\...\87d02ebdbd8adab2557c70d4ef6cc141) (Version: - GameHouse)
    House of 1,000 Doors - Family Secrets (HKLM-x32\...\am-houseof1000doorsfamilysecrets) (Version: - )
    House of 1,000 Doors - The Palm of Zoroaster (HKLM-x32\...\am-houseof1000doorsthepalmofzoroaster) (Version: - )
    HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
    HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
    HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.54.2 - HTC)
    Hypnosis (HKLM-x32\...\835c2c58dcfcf5eb426cdbb86e165fc3) (Version: - GameHouse)
    Imperial Island - Birth of an Empire (HKLM-x32\...\afc21a17d31830fcf6e56c0e0723ed3b) (Version: - GameHouse)
    Infected - The Twin Vaccine (HKLM-x32\...\am-infectedthetwinvaccine) (Version: - )
    Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
    Into the Haze (HKLM-x32\...\4377fcbfca1a6fc49948b811cc5f62b7) (Version: - GameHouse)
    IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
    IsoBuster 3.0 (HKLM-x32\...\IsoBuster_is1) (Version: 3.0 - Smart Projects)
    Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
    Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
    Jewel Quest 3 (HKLM-x32\...\am-jewelquest3) (Version: - )
    Jewels of the East India Company (HKLM-x32\...\am-jewelsoftheeastindiacompany) (Version: - )
    Journey - The Heart of Gaia (HKLM-x32\...\98e1a1798ebbe1569b549f41f41c0136) (Version: - GameHouse)
    Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
    Left in the Dark - No One on Board (HKLM-x32\...\c2ca6193e07d5201a7ef513ccfd56b12) (Version: - GameHouse)
    Legacy - Witch Island (HKLM-x32\...\35c474105074ec9fac693c2767f65a38) (Version: - GameHouse)
    Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
    Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
    Lost Lands - Dark Overlord Platinum Edition (HKLM-x32\...\9b264bb29bdb57d30fcff344d51d815b) (Version: - GameHouse)
    Lost Souls - Enchanted Paintings (HKLM-x32\...\am-lostsoulsenchantedpaintings) (Version: - )
    Lost Souls - Timeless Fables (HKLM-x32\...\e83dbe408ad2a2a678732ca428972f7f) (Version: - GameHouse)
    Lost Souls - Timeless Fables Platinum Edition (HKLM-x32\...\5f075e8c1f096bdbb70ed3002ae377c1) (Version: - GameHouse)
    LUXOR 5th Passage (HKLM-x32\...\am-luxor5thpassage) (Version: - )
    Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
    Margrave - The Curse of the Severed Heart (HKLM-x32\...\am-margravethecurseoftheseveredheart) (Version: - )
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
    Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
    Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Mind Snares - Alice's Journey (HKLM-x32\...\2baf5d7d5a25ff4f2da3a5898f415fbb) (Version: - GameHouse)
    Mortimer Beckett and the Crimson Thief (HKLM-x32\...\am-mortimerbeckettandthecrimsonthief) (Version: - )
    Mountain Crime - Requital (HKLM-x32\...\am-mountaincrimerequital) (Version: - )
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    Mysteries and Nightmares - Morgiana (HKLM-x32\...\9bcbef2f42968eacc864d1c27120d7b3) (Version: - GameHouse)
    Mysteries of Neverville - The Runestone of Light (HKLM-x32\...\161f33e3a36069962019db9720926803) (Version: - GameHouse)
    Mystery Valley Extended Edition (HKLM-x32\...\am-mysteryvalleyextendededition) (Version: - )
    Namariel Legends - Iron Lord (HKLM-x32\...\d4709f0b9185bf5c99e51eada9f90dc5) (Version: - GameHouse)
    Nancy Drew(R) - Phantom of Venice (HKLM-x32\...\am-nancydrewrphantomofvenice) (Version: - )
    Nancy Drew(R) - Secrets Can Kill (HKLM-x32\...\am-nancydrewrsecretscankill) (Version: - )
    Nancy Drew(R) - Shadow at the Water's Edge (HKLM-x32\...\c0e87eb48b6604512534d61f404fe5ca) (Version: - GameHouse)
    Nancy Drew(R) - Trail of the Twister (HKLM-x32\...\am-nancydrewrtrailofthetwister) (Version: - )
    Nancy Drew(R) - Warnings at Waverly Academy (HKLM-x32\...\am-nancydrewrwarningsatwaverlyacademy) (Version: - )
    Nearwood - Platinum Edition (HKLM-x32\...\8a90126eb3d5532165c12e49c32be2c4) (Version: - GameHouse)
    NETGEAR A6100 Genie (HKLM-x32\...\InstallShield_{15D27BA3-6CCD-4848-8925-07EF083492AD}) (Version: 1.0.0.13 - NETGEAR)
    NETGEAR A6100 Genie (x32 Version: 1.0.0.13 - NETGEAR) Hidden
    Nightfall Mysteries Double Pack (HKLM-x32\...\am-nightfallmysteriesdoublepack) (Version: - )
    Nuance PDF Reader (HKLM-x32\...\{5F6C549F-78DA-4E0E-AE70-0BD981936D99}) (Version: 7.00.0000 - Nuance Communications, Inc.)
    NVIDIA 3D Vision Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
    NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
    Oddly Enough - Pied Piper (HKLM-x32\...\am-oddlyenoughpiedpiper) (Version: - )
    Online Games Manager v1.30 (HKLM-x32\...\Online Games Manager) (Version: 1.30.14 - Real Networks, Inc.)
    OnTopReplica (HKU\S-1-5-21-3797571617-2345687493-384676197-1002\...\OnTopReplica) (Version: 3.3.1.0 - Lorenz Cuno Klopfenstein)
    Origins - Elders of Time Platinum Edition (HKLM-x32\...\752de7da65dcc156809f9124c8638e8d) (Version: - GameHouse)
    Paint Shop Pro 7 (HKLM-x32\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.2.0000 - Jasc Software Inc)
    Paranormal State - Poison Spring (HKLM-x32\...\8ce99105cdc037737b5e400f00823efc) (Version: - GameHouse)
    PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
    PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
    Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
    Pirate Mysteries - A Tale of Monkeys (HKLM-x32\...\am-piratemysteriesataleofmonkeys) (Version: - )
    Plants vs. Zombies(TM) (HKLM-x32\...\am-plantsvszombiestm) (Version: - )
    Portal of Evil - Stolen Runes Platinum Edition (HKLM-x32\...\727c8d316900aaa68559400945a0228a) (Version: - GameHouse)
    Portal of Evil - Stolen Runes Platinum Edition (HKLM-x32\...\ace933cc383aea1f6707a1cf34be5b1d) (Version: - GameHouse)
    PowerMenu 1.51 (HKLM-x32\...\PowerMenu) (Version: 1.51 - Thong Nguyen)
    PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
    Princess Isabella - A Witch's Curse (HKLM-x32\...\am-princessisabellaawitchscurse) (Version: - )
    Princess Isabella - Return of the Curse (HKLM-x32\...\am-princessisabellareturnofthecurse) (Version: - )
    PrivaZer (HKLM-x32\...\PrivaZer) (Version: 2.37.0.0 - Goversoft LLC)
    Psycho Train (HKLM-x32\...\d20d655161af3a790c318338eaa4c97c) (Version: - GameHouse)
    Queen's Quest - Tower of Darkness (HKLM-x32\...\1179eb54a09cdd4754545e54cd8ac85f) (Version: - GameHouse)
    Questerium - Sinister Trinity (HKLM-x32\...\d55516a6a882b59ab44d977dc9d731c9) (Version: - GameHouse)
    Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.10 - Dell Inc.)
    RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
    RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
    RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden
    RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
    RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6312 - Realtek Semiconductor Corp.)
    RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
    Redemption Cemetery - Curse of the Raven Platinum Edition (HKLM-x32\...\0da4ea0db0718093e065c4f218823f5c) (Version: - GameHouse)
    RehearScore (HKLM-x32\...\RehearScore) (Version: - )
    Revenge of the Spirit - Rite of Resurrection (HKLM-x32\...\am-revengeofthespiritriteofresurrection) (Version: - )
    Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    Riddles of the Past (HKLM-x32\...\60158577dff1648bd1b7caf0b14257de) (Version: - GameHouse)
    RogueKiller version 10 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 10 - Adlice Software)
    Romance of Rome (HKLM-x32\...\6130f8ce920a3dc637ec70968a293e9d) (Version: - GameHouse)
    Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
    Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
    Royal Envoy 2 (HKLM-x32\...\am-royalenvoy2) (Version: - )
    R-Studio 5.4 (HKLM-x32\...\R-Studio 5.4NSIS) (Version: 5.4.134130 - R-Tools Technology Inc.)
    Sacra Terra - Angelic Night (HKLM-x32\...\am-sacraterraangelicnight) (Version: - )
    Sacra Terra - Angelic Night Platinum Edition (HKLM-x32\...\am-sacraterraangelicnightplatinumedition) (Version: - )
    Sacra Terra - House of 1,000 Doors Platinum Bundle (HKLM-x32\...\6ecf0f0586202c8cd3200b6c3a29f8b8) (Version: - GameHouse)
    Saqqarah (HKLM-x32\...\am-saqqarah) (Version: - )
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Sherlock Holmes and The Hound of The Baskervilles (HKLM-x32\...\am-sherlockholmesandthehoundofthebaskervilles) (Version: - )
    Sherlock Holmes and the Mystery of the Persian Carpet (HKLM-x32\...\am-sherlockholmesandthemysteryofthepersiancarpet) (Version: - )
    Sister's Secrecy - Arcanum Bloodlines Premium Edition (HKLM-x32\...\am-sisterssecrecyarcanumbloodlinespremiumedition) (Version: - )
    SKIP-BO Castaway Caper(TM) (HKLM-x32\...\am-skipbocastawaycapertm) (Version: - )
    Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
    Skype™ 7.9 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.9.103 - Skype Technologies S.A.)
    Snark Busters - High Society (HKLM-x32\...\am-snarkbustershighsociety) (Version: - )
    Snark Busters 2 - All Revved Up (HKLM-x32\...\am-snarkbusters2allrevvedup) (Version: - )
    Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
    Space Legends - At the Edge of the Universe (HKLM-x32\...\bc1a5ce90cdecc0fbf435f20b2fe5407) (Version: - GameHouse)
    Spirit Walkers - Curse of the Cypress Witch (HKLM-x32\...\am-spiritwalkerscurseofthecypresswitch) (Version: - )
    Suburban Mysteries - The Labyrinth of the Past (HKLM-x32\...\am-suburbanmysteriesthelabyrinthofthepast) (Version: - )
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Syberia - Kate Walker's Adventures (HKLM-x32\...\am-syberiakatewalkersadventures) (Version: - )
    Syberia 2 - Kate Walker's Adventure Continues (HKLM-x32\...\am-syberia2katewalkersadventurecontinues) (Version: - )
    Tales From The Dragon Mountain - The Strix (HKLM-x32\...\8adc348cb23a5a28aac774e079515f4b) (Version: - GameHouse)
    Tales of Lagoona 2 - Peril at Poseidon Park (HKLM-x32\...\e5ca5ffe79cf7db4021e9324dc6e4d42) (Version: - GameHouse)
    TaxCut California 2007 (HKLM-x32\...\{5FF4A578-4588-4ACF-8317-7191FC45F3E1}) (Version: 1.07.6601 - H&R Block Digital Tax Solutions LLC.)
    TaxCut Premium 2007 (HKLM-x32\...\{4732D4A0-5A47-44D8-9B84-B3BD4906D30D}) (Version: 07.03.0000 - H & R Block)
    Temple of Life - The Legend of Four Elements (HKLM-x32\...\am-templeoflifethelegendoffourelements) (Version: - )
    Temple of Life - The Legend of Four Elements Platinum Edition (HKLM-x32\...\b827c4d2c9e4a90a0169c252694d9200) (Version: - GameHouse)
    The Book of Desires (HKLM-x32\...\am-thebookofdesires) (Version: - )
    The Fog (HKLM-x32\...\3cfdc0cf55dbf8b5527b367f75816f46) (Version: - GameHouse)
    The Gift (HKLM-x32\...\am-thegift) (Version: - gamehouse)
    The Others (HKLM-x32\...\6224652de70f36a3a2aaed2f3a267969) (Version: - GameHouse)
    The Surprising Adventures of Munchausen(TM) (HKLM-x32\...\4614e7bd103689992587ac7bb19048ab) (Version: - GameHouse)
    The Treasures of Montezuma 3 (HKLM-x32\...\am-thetreasuresofmontezuma3) (Version: - )
    The Worlds' Legends - Kashchey The Immortal (HKLM-x32\...\am-theworldslegendskashcheytheimmortal) (Version: - )
    Transcribe! 8.21 (HKLM-x32\...\Transcribe!_is1) (Version: 8.21 - Seventh String Software)
    Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.5.1 - Tweaking.com)
    Twisted Lands - Insomniac (HKLM-x32\...\am-twistedlandsinsomniac) (Version: - )
    Twisted Lands - Insomniac Platinum Edition (HKLM-x32\...\665fb76b1ae1cb8fbd5affdef4d9c75a) (Version: - GameHouse)
    Twisted Lands - Origin (HKLM-x32\...\am-twistedlandsorigin) (Version: - )
    Twisted Lands - Shadow Town (HKLM-x32\...\am-twistedlandsshadowtown) (Version: - )
    Typer Shark Deluxe (HKLM-x32\...\a9621caff77c46b78dc2a0047b2e57d6) (Version: - GameHouse)
    Unsolved Mystery Club® - Ancient Astronauts® Platinum Edition (HKLM-x32\...\255c1bba88fb6ecb1290390e35a9f53e) (Version: - GameHouse)
    UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
    Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
    Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VSDC Free Video Editor version 2.1.9.227 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 2.1.9.227 - Flash-Integro LLC)
    Warlock - The Curse of the Shaman (HKLM-x32\...\56ab7424e3dd1940ed4b6fdcd410804d) (Version: - GameHouse)
    Web BRAdmin (HKLM-x32\...\{C221F359-D738-4D58-8419-B7DD51C5E6DC}) (Version: 1.60.0001 - Brother)
    Weird Park - Broken Tune (HKLM-x32\...\d7d582ded28f5a1123e0015e395d1a17) (Version: - GameHouse)
    Weird Park - Scary Tales (HKLM-x32\...\a2e464c2511b2e9de52e7b41dbc19694) (Version: - GameHouse)
    Weird Park - The Final Show (HKLM-x32\...\6fd86948eb7dc0973edf679ef604f9c9) (Version: - GameHouse)
    Where Angels Cry (HKLM-x32\...\am-whereangelscry) (Version: - gamehouse)
    Whispered Stories - Sandman (HKLM-x32\...\am-whisperedstoriessandman) (Version: - )
    Whispers (HKLM-x32\...\am-whispers) (Version: - )
    White Haven Mysteries (HKLM-x32\...\am-whitehavenmysteries) (Version: - )
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
    Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
    Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
    WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
    Witch's Pranks Platinum Edition (HKLM-x32\...\7dd9501ac1a5a69b1b9128e6d58a9c17) (Version: - GameHouse)
    Wondershare Video Editor(Build 4.6.0) (HKLM-x32\...\Wondershare Video Editor_is1) (Version: - Wondershare Software)
    World Riddles - Animals (HKLM-x32\...\am-worldriddlesanimals) (Version: - )
    World Riddles - Secrets of the Ages (HKLM-x32\...\am-worldriddlessecretsoftheages) (Version: - )
    Youda Mystery - The Stanwick Legacy (HKLM-x32\...\am-youdamysterythestanwicklegacy) (Version: - )
    Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.17.116 - Zemana Ltd.)
    Zuma Deluxe (HKLM-x32\...\amg-zumadeluxe) (Version: - )

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Restore Points =========================

    18-09-2015 03:00:12 Windows Update
    18-09-2015 10:50:19 Restore Point Created by FRST
    18-09-2015 11:02:41 Restore Point Created by FRST
    18-09-2015 11:27:26 Windows Update
    19-09-2015 03:00:36 Windows Update
    20-09-2015 03:00:20 Windows Update
    22-09-2015 03:00:10 Windows Update
    22-09-2015 09:05:06 Restore Point Created by FRST
    22-09-2015 09:15:19 Restore Point Created by FRST
    23-09-2015 03:00:34 Windows Update
    24-09-2015 12:53:14 Windows Update
    25-09-2015 03:00:22 Windows Update

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 19:34 - 2015-09-25 20:31 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {A9EA09CC-0210-4813-9E2E-C3929101A8B6} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
    Task: {CEBD64CB-0BA9-4BF9-909A-7C46A4503760} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d002017eac8b6a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f0683e6d4fd8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2014-08-02 03:18 - 2011-02-28 15:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll
    2011-08-22 15:39 - 2013-08-26 05:12 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
    2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    2014-01-16 17:15 - 2009-02-04 18:24 - 00081920 _____ () C:\Program Files (x86)\Brother\Web BRAdmin\cgi-bin\wbaagent.exe
    2014-01-16 17:15 - 2009-02-04 18:17 - 00081920 _____ () C:\Program Files (x86)\Brother\Web BRAdmin\cgi-bin\agentrcv.exe
    2014-01-16 17:15 - 2010-08-05 16:31 - 00069632 _____ () C:\Program Files (x86)\Brother\Web BRAdmin\cgi-bin\wbatimer.exe
    2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2015-09-16 14:23 - 2015-09-05 23:43 - 00613968 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
    2015-09-13 01:19 - 2015-09-13 01:19 - 00118640 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
    2015-07-14 15:23 - 2015-07-14 15:23 - 00821240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
    2015-09-16 14:23 - 2015-09-05 23:43 - 00087672 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll
    2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2015-07-14 15:22 - 2015-07-14 15:22 - 00030720 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
    2015-07-14 15:22 - 2015-07-14 15:22 - 00607016 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
    2015-07-14 15:23 - 2015-07-14 15:23 - 00059392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
    2015-07-14 15:22 - 2015-07-14 15:22 - 00035864 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
    2015-07-14 15:23 - 2015-07-14 15:23 - 00079888 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
    2015-07-14 15:24 - 2015-07-14 15:24 - 00129016 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
    2015-07-14 15:26 - 2015-07-14 15:26 - 00223240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
    2013-07-17 11:57 - 2013-07-17 11:57 - 00094208 _____ () C:\Program Files (x86)\NETGEAR\A6100\Realtek.dll
    2012-11-06 09:47 - 2012-11-06 09:47 - 00114688 _____ () C:\Program Files (x86)\NETGEAR\A6100\EnumDevLib.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\.DEFAULT\...\123topsearch.com -> www.123topsearch.com
    IE restricted site: HKU\.DEFAULT\...\125sms.co.uk -> www.125sms.co.uk
    IE restricted site: HKU\.DEFAULT\...\125sms.com -> www.125sms.com
    IE restricted site: HKU\.DEFAULT\...\12w.net -> download-video.12w.net
    IE restricted site: HKU\.DEFAULT\...\132.com -> www.132.com
    IE restricted site: HKU\.DEFAULT\...\1337-crew.to -> www.1337-crew.to
    IE restricted site: HKU\.DEFAULT\...\1337crew.info -> www.1337crew.info
    IE restricted site: HKU\.DEFAULT\...\136136.net -> down.136136.net
    IE restricted site: HKU\.DEFAULT\...\150freesms.de -> www.150freesms.de
    IE restricted site: HKU\.DEFAULT\...\163ns.com -> ert0003.e76.163ns.com
    IE restricted site: HKU\.DEFAULT\...\17-plus.com -> 17-plus.com
    IE restricted site: HKU\.DEFAULT\...\171203.com -> 171203.com
    IE restricted site: HKU\.DEFAULT\...\17concepts.info -> www.17concepts.info
    IE restricted site: HKU\.DEFAULT\...\1800searchonline.com -> www.1800searchonline.com
    IE restricted site: HKU\.DEFAULT\...\180searchassistant.com -> www.180searchassistant.com
    IE restricted site: HKU\.DEFAULT\...\180solutions.com -> bis.180solutions.com
    IE restricted site: HKU\.DEFAULT\...\1987324.com -> www.1987324.com
    IE restricted site: HKU\.DEFAULT\...\1gb.ru -> people.1gb.ru
    IE restricted site: HKU\.DEFAULT\...\1ghporn.info -> www.1ghporn.info
    IE restricted site: HKU\.DEFAULT\...\1importantiamreal.com -> www.1importantiamreal.com

    There are 7866 more restricted sites.

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3797571617-2345687493-384676197-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Teresa's Laptop\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\Services: cmdAgent => 2
    MSCONFIG\Services: GeekBuddyRSP => 2
    MSCONFIG\Services: MBAMScheduler => 2
    MSCONFIG\Services: RealPlayerUpdateSvc => 3
    MSCONFIG\Services: Updater Service for PDFLite Toolbar => 2
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR A6100 Genie.lnk => C:\Windows\pss\NETGEAR A6100 Genie.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^Teresa's Laptop^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PowerMenu.lnk => C:\Windows\pss\PowerMenu.lnk.Startup
    MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
    MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
    MSCONFIG\startupreg: RealDownloader => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
    MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
    MSCONFIG\startupreg: ZAM => "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /minimized

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{9F35A7BF-167B-4360-9D0E-C79A64A19C3B}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
    FirewallRules: [{B7D7D674-1BEC-4798-B5EB-D083ACE52363}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
    FirewallRules: [{2E525680-D9B6-441B-B6D3-352160006CBB}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
    FirewallRules: [{834DBAD0-B562-4F1D-9808-A1B59CDFFB7C}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe

    ==================== Faulty Device Manager Devices =============

    Name: Intel(R) WiFi Link 1000 BGN
    Description: Intel(R) WiFi Link 1000 BGN
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel Corporation
    Service: NETwNs64
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (09/25/2015 08:38:26 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

    Error: (09/25/2015 08:38:26 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

    Error: (09/25/2015 08:29:12 PM) (Source: WinMgmt) (EventID: 24) (User: )
    Description: NVIDIA|NVWMI|EVENTS|2.0select * from ThermalEventThermalEvent//./root/cimv2/NV/Events

    Error: (09/25/2015 08:29:12 PM) (Source: WinMgmt) (EventID: 24) (User: )
    Description: NVIDIA|NVWMI|EVENTS|2.0select * from CoolerEventCoolerEvent//./root/cimv2/NV/Events

    Error: (09/25/2015 08:29:12 PM) (Source: WinMgmt) (EventID: 24) (User: )
    Description: select * from ThermalEventThermalEvent//./root/cimv2/NV/Events

    Error: (09/25/2015 08:29:12 PM) (Source: WinMgmt) (EventID: 24) (User: )
    Description: select * from CoolerEventCoolerEvent//./root/cimv2/NV/Events

    Error: (09/25/2015 08:25:20 PM) (Source: WinMgmt) (EventID: 4) (User: )
    Description: 0x8004401eC:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\MSINFO\OINFOP12.MOF

    Error: (09/25/2015 08:25:09 PM) (Source: WinMgmt) (EventID: 4) (User: )
    Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\AACLIENT.MFL

    Error: (09/25/2015 08:24:45 PM) (Source: WinMgmt) (EventID: 4) (User: )
    Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF

    Error: (09/25/2015 05:31:47 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: A6100.exe, version: 1.0.0.12, time stamp: 0x51e61624
    Faulting module name: MFC42u.DLL, version: 6.6.8064.0, time stamp: 0x4d79b239
    Exception code: 0xc0000005
    Fault offset: 0x000102d1
    Faulting process id: 0xbb4
    Faulting application start time: 0xA6100.exe0
    Faulting application path: A6100.exe1
    Faulting module path: A6100.exe2
    Report Id: A6100.exe3


    System errors:
    =============
    Error: (09/25/2015 10:19:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (09/25/2015 10:09:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (09/25/2015 09:59:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (09/25/2015 09:49:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (09/25/2015 09:39:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (09/25/2015 09:29:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (09/25/2015 09:19:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (09/25/2015 09:09:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (09/25/2015 08:59:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (09/25/2015 08:49:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)


    CodeIntegrity:
    ===================================
    Date: 2015-09-13 03:39:20.210
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2015-09-13 03:39:20.179
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
    Percentage of memory in use: 33%
    Total physical RAM: 8086.17 MB
    Available physical RAM: 5396.3 MB
    Total Virtual: 16170.54 MB
    Available Virtual: 13982.38 MB

    ==================== Drives ================================

    Drive c: (OSDisk) (Fixed) (Total:452.09 GB) (Free:199.59 GB) NTFS ==>[drive with boot components (obtained from BCD)]
    Drive d: (Recovery) (Fixed) (Total:13.67 GB) (Free:7.25 GB) NTFS
    Drive f: (DATAPART1) (Fixed) (Total:465.76 GB) (Free:438.52 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 58EFAF19)
    Partition 1: (Active) - (Size=452.1 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0A33DD5B)
    Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
     

    Attached Files:

    Last edited by a moderator: Sep 27, 2015
  11. Malnutrition

    Malnutrition Still Hungry iHF Master Craftsman

    Joined:
    May 5, 2014
    Messages:
    1,501
    Likes Received:
    445
    Trophy Points:
    93
    Sorry for the delay, putting in an unusual amount of hours. I will have a look at these and get back to you ASAP most likely on Monday. While you wait, here is a tool that can help you with the final tweaks, been using it for friends and family for a while, who have slower machines. This will help out....

    Kerish Doctor, this is the fully fucntional 15 day trial.
    http://www.kerish.org/en/index.php

    Remove the items from your machine.

    GeekBuddy (HKLM-x32\...\{741FC38C-2797-4AC1-AD63-4B65F9CA8B20}) (Version: 4.9.73 - Comodo Security Solutions Inc)
    Google Toolbar for Internet Explorer
    Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )

    Disable certain M$ nuisance......

    http://www.ghacks.net/2015/05/12/how-to-disable-the-diagnostics-tracking-service-in-windows/

    http://www.howtogeek.com/218856/how...ndows-10-icon-shown-in-the-notification-tray/

    http://www.kjrnet.com/Info/Windows 7 Hidden Settings 2.html

    Also defrag your machine with TooWiz Smart Defrag

    A reboot will suffice after all the task above.


    Note: An active internet connection is needed for this scan, because the scans are done in the cloud.

    • Download the Portable Version of Heard Protect from here.
    • Save the program to your desktop.
    • Right click and run as admin. (Xp users Double click to start)
    • Click Next >Next >Agree to terms, click finish to launch.
    • Once the program initiates, hit the Scan button.
    • Once the program completes the scan, you will need to do another scan.
    • Some files will need to be re-scanned.
    • You can check when you can run the scan, by hovering the mouse over New Scan.
    • After the second scan, you will be presented with the option to Remove Checked.
    • Do Not Remove Anything Yet!!
    • Take a Screen Shot of everything detected.
    • Use Snipping Tool and upload to imgur. or SendSpace
    • Post the picture or link to file in next reply.
    • Leave the program open, until I advise you on which item(s) to remove.
     
    Last edited: Sep 27, 2015
  12. LadyGreenWitch

    LadyGreenWitch I'll get you my pretty, and your little log too! iHF Regular

    Joined:
    Sep 7, 2015
    Messages:
    64
    Likes Received:
    23
    Trophy Points:
    8
    Thanks Mal,
    I really appreciate all of the help. Hope they haven't been working you too hard. ;)
    Will do the tweaks and wait for your reply.

    TTFN,

    LGW
     
  13. Malnutrition

    Malnutrition Still Hungry iHF Master Craftsman

    Joined:
    May 5, 2014
    Messages:
    1,501
    Likes Received:
    445
    Trophy Points:
    93
    Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

    Download VirIT lite Free version, run a full scan and post the results here. Make sure and update the program, then reboot your machine prior to running the first scan! This tool is one I like to use to make sure all is clean... If you need instructions on getting the logs give me a shout, would also like to see the herd protect scan log.
    http://www.tgsoft.it/english/download_eng.asp
     

    Attached Files:

  14. Malnutrition

    Malnutrition Still Hungry iHF Master Craftsman

    Joined:
    May 5, 2014
    Messages:
    1,501
    Likes Received:
    445
    Trophy Points:
    93
    Any update for us?
     
  15. DCiAdmin

    DCiAdmin Always room to learn a bit more Administrator iHF Legend WCG Team Member

    Joined:
    May 2, 2014
    Messages:
    1,551
    Likes Received:
    832
    Trophy Points:
    123
    How goes things, LGW?
     
  16. LadyGreenWitch

    LadyGreenWitch I'll get you my pretty, and your little log too! iHF Regular

    Joined:
    Sep 7, 2015
    Messages:
    64
    Likes Received:
    23
    Trophy Points:
    8
    Sorry Mal and DCI,
    I was not blowing you off, I ran out of bandwidth in the boonies. LOL. I am still trying to finish the homework, beginning of the month, it shouldn't take any time at all.
    TTFN,
    LGW
     
  17. DCiAdmin

    DCiAdmin Always room to learn a bit more Administrator iHF Legend WCG Team Member

    Joined:
    May 2, 2014
    Messages:
    1,551
    Likes Received:
    832
    Trophy Points:
    123
    Lack of available bandwidth is something we all understand :) Have you have moved?
     
  18. LadyGreenWitch

    LadyGreenWitch I'll get you my pretty, and your little log too! iHF Regular

    Joined:
    Sep 7, 2015
    Messages:
    64
    Likes Received:
    23
    Trophy Points:
    8
    Yes to REALLY Northern California, lol, I live up near Mt. Shasta now. It's very different than the civilized area that I have been living in for the last twenty years. :lol::mute::confused::arghh::lol:
     
    DCiAdmin likes this.
  19. LadyGreenWitch

    LadyGreenWitch I'll get you my pretty, and your little log too! iHF Regular

    Joined:
    Sep 7, 2015
    Messages:
    64
    Likes Received:
    23
    Trophy Points:
    8
    OK Mal,

    I FINALLY have what you asked for. :oops::lol: However, I got ahead of myself with Herd Protect, (wicked cool program btw), I recognized all of the unrecognized files, and new that the two it did find needed to be removed, THEN I reread the instructions more thoroughly. Sorry Dude. Attached you will find the new Fixlog, and the log from VirIT, I have also enclosed both HerdProtect logs for your information. Sorry for the delay.

    Looking forward to your reply,

    TTFN,

    LGW
     

    Attached Files:

  20. Malnutrition

    Malnutrition Still Hungry iHF Master Craftsman

    Joined:
    May 5, 2014
    Messages:
    1,501
    Likes Received:
    445
    Trophy Points:
    93
    On my phone now will have a look at the logs tomorrow. can you tell me how your machine is running now.?
     
Loading...

Share This Page