Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Board index Malware Removal ForumsInfected? Virus, malware, adware, ransomware, oh my!

Sudden blank screen and sporadic slowdown - yikes!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.
Topic locked

Sudden blank screen and sporadic slowdown - yikes!

Unread postby yotboss » September 30th, 2015, 1:51 am

Typically I start the day by firing up my computer.... I leave it on all night, so I just move the mouse and the screen lights up after a couple of seconds. However, this morning I just got a blank, dark grey screen. The mouse pointer was there and moved, but nothing else happened. After turning the computer on and off several times, it did come to life, but would 'freeze' randomly. As of this evening, it seems to be a bit better, but will still freeze up for no apparent reason. I tried what my very limited skills would allow: run anti-virus scan (AVG), system restore, eliminating some auto start-up apps. Still don't have a stable situation; at random intervals, freeze happens and I have to restart. Needless to say, any help is massively appreciated.... Tom

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-09-2015 01
Ran by Tom (administrator) on TOM-PC (29-09-2015 22:28:31)
Running from C:\Users\Tom\Desktop
Loaded Profiles: Tom (Available Profiles: Tom)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TosTogKeyMon.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TRCMan\TRCMan.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intuit Inc.) C:\Program Files (x86)\Quicken\bagent.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe

Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-09-2015 01
Ran by Tom (2015-09-29 22:29:31)
Running from C:\Users\Tom\Desktop
Windows 10 Pro (X64) (2015-08-12 02:36:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2395183170-2378603555-2842505502-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2395183170-2378603555-2842505502-503 - Limited - Disabled)
Guest (S-1-5-21-2395183170-2378603555-2842505502-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2395183170-2378603555-2842505502-1009 - Limited - Enabled)
Tom (S-1-5-21-2395183170-2378603555-2842505502-1000 - Administrator - Enabled) => C:\Users\Tom
wurco_000 (S-1-5-21-2395183170-2378603555-2842505502-1005 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 1.00.007 - Atheros Communications)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6140 - AVG Technologies)
AVG 2015 (Version: 15.0.4419 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6140 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.0.444 - AVG Technologies)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Better Homes and Gardens Home Designer 7.0 (HKLM-x32\...\{0D503B8E-97E3-45B7-96CB-4936269B902C}) (Version: 7.0 - Chief Architect Inc)
Better Homes and Gardens Home Designer 7.0 Training Videos (HKLM-x32\...\{3419BF10-127A-42EB-9723-9A611AEBE853}) (Version: 1.00.000 - ART Inc)
Bing Maps 3D (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v8.00.12(T) - TOSHIBA CORPORATION)
Canon MF4320-4350 (HKLM\...\{99A5569D-9F86-4f32-A227-1538B731DA42}) (Version: - )
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
CIR Tool Kit (HKLM-x32\...\{2FAECEAF-0EBE-48FF-B60A-B4577C0EFDAB}) (Version: 2.2.2011.128 - Nuvoton Technology Corp)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel WordPerfect Office - iFilter 64 Bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.01.000 - Corel Corporation)
CyberLink PowerCinema for TOSHIBA (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 7.1.5608 - CyberLink Corp.)
CyberLink YouPaint (HKLM-x32\...\InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}) (Version: 1.2.3021 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeltaCad (HKLM-x32\...\DeltaCad) (Version: 8.0.20140328 - Midnight Software, Inc.)
Document Express DjVu Plug-in (HKLM-x32\...\{2E8C03EC-E09F-4868-A4AC-02B9285D3E09}) (Version: 6.1.31831 - Caminova, Inc.)
Dropbox (HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.135.908 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.0.722 - Foxit Software Inc.)
Garmin BlueChart Americas v9 (HKLM-x32\...\{254A2683-4128-47B1-85DF-7690E6119EC6}) (Version: 9.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin BlueChart Pacific v9 (HKLM-x32\...\{A9BD2245-D38A-4645-8C60-BB141176ADDF}) (Version: 9.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin MapSource (HKLM-x32\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Google Apps Migration For Microsoft Outlook® 3.4.27.52 (HKLM-x32\...\{65960C6E-BFA2-4FE7-A1BC-8028F3072566}) (Version: 3.4.27.52 - Google, Inc.)
Google Apps Sync™ for Microsoft Outlook® 3.7.410.1100 (HKLM-x32\...\{799A7E2B-388F-4BDE-B55B-47AF42C6440A}) (Version: 3.7.410.1100 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.93 - Google Inc.)
Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Harmony Browser Plug-in (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
HP Officejet Pro 6830 Basic Device Software (HKLM\...\{98040AB6-D667-409C-81E7-DB65836B3EE0}) (Version: 33.1.73.49987 - Hewlett-Packard Co.)
HP Officejet Pro 6830 Help (HKLM-x32\...\{28693307-6F99-4B5D-9FA3-4D9132DDA716}) (Version: 34.0.0 - Hewlett Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.0.29.6 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.81 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.4.4.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java(TM) 6 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.250 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
MC782ML_MC582ML (HKLM\...\{CEA241FD-11FF-442B-BDCA-DAB9E7AE2109}) (Version: 6.111.16 - YUAN)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.)
Media Go (HKLM-x32\...\{8D92969D-A6A3-44C8-9D63-D377E94F44B5}) (Version: 2.6.205 - Sony)
Media Go Video Playback Engine 2.0.106.08290 (HKLM-x32\...\{49D9CE9D-C8B7-B941-90E1-608044A0FC8D}) (Version: 2.0.106.08290 - Sony)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Photo Premium 10 (HKLM-x32\...\PictureItPrem_v10) (Version: 10.0.0706 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\MyFreeCodec) (Version: - )
MyHarmony (HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
NextWindow DesktopTouch Driver Package (HKLM\...\{77DBAEBC-6068-4524-BA13-030DB378C871}) (Version: 1.1.017 - NextWindow)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.0 - Nikon)
nRoute (HKLM-x32\...\{AE97D691-DB7D-4735-8D6D-0E0164F75B94}) (Version: 2.6.1 - )
OpenCPN 4.0.0 (HKLM-x32\...\OpenCPN 4.0.0) (Version: 4.0.0 - opencpn.org)
OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.14 - Nikon)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.18.0.15698 - Sony Computer Entertainment Inc.)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Product Improvement Study for HP Officejet Pro 6830 (HKLM\...\{96ABEAD3-67AE-4BF7-8A16-F745352049B3}) (Version: 33.1.73.49987 - Hewlett-Packard Co.)
Quicken 2011 (HKLM-x32\...\{5FE545A1-D215-4216-9189-E7B39C9D1CC1}) (Version: 20.1.8.6 - Intuit)
Quicken 2014 (HKLM-x32\...\{0877F595-254F-45F4-991D-3F72E86B17CE}) (Version: 23.1.8.8 - Intuit)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.82 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.1 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.1 - Renesas Electronics Corporation) Hidden
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Short Movie Creator (HKLM-x32\...\{B2817391-97C2-4A88-A952-14920594BD62}) (Version: 1.3.1 - Nikon)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype Launcher (HKLM-x32\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SkyShellEx(x86) (HKLM-x32\...\{044D80FE-E0C3-4DDB-851A-9AD72CBC1CB1}) (Version: 1.0.1 - Coronox)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15082.16 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15082.16 - Samsung Electronics Co., Ltd.) Hidden
Sony PC Companion 2.10.281 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.281 - Sony)
SYNC Volume Control v1.0.81 (HKLM-x32\...\SYNC Volume Control_is1) (Version: - Ford Motor Company)
Tales of Lagoona (x32 Version: 2.2.0.98 - WildTangent) Hidden
ThreatFire (HKLM-x32\...\3554AA4B-9B0B-451a-A269-2B5F53982209_is1) (Version: - PC Tools)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{C31337DE-0CDC-45A9-9A32-F099AC78D557}) (Version: 3.0.9490 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 1.6.11.64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{B1DC5682-7B85-400C-BB47-7DA0E1E9CAAA}) (Version: 1.3.6.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\{97965331-BC5D-4D9F-B6DF-5C0A123E4AE0}) (Version: 2.1.0.4 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.9 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.13.11 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.4 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.7.5 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.31 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.5.6.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.4 - TOSHIBA)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
TOSHIBA Remote Control Manager (HKLM-x32\...\{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}) (Version: 3.0.1009.3 - TOSHIBA CORPORATION)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.2001 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.13 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.9 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\{0AF17224-CF88-40B8-BB1A-D179369847B4}) (Version: 2.1.0.2 - TOSHIBA Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.3.64WW2 - TOSHIBA Corporation)
TOSHIBA VIDEO PLAYER (HKLM\...\{27C3DB42-A9C1-4B44-A164-93849D160D12}) (Version: 5.3.49.124 - Toshiba Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.29 - TOSHIBA Corporation)
Toshiba Wireless HID driver (HKLM-x32\...\{A190562C-BD9C-49CD-8C52-944A5256062E}) (Version: 1.00.006 - TOSHIBA Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.9 - TOSHIBA)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VersaCheck Platinum 2007 (HKLM-x32\...\{7AA8968B-E188-4F38-A718-A954BE3DDBCE}) (Version: 9.0.17.1 - G7 Productivity Systems, Inc.)
VesselLog (HKLM-x32\...\{7A2C8626-8F9A-4E57-AC10-EBB1A261F849}) (Version: 1.02.5000 - Oso Software)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.8.1 - Nikon)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.11.13 - WildTangent) Hidden
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Phone Engineering Flashing Tool (HKLM\...\{47135C88-5123-46AF-B9AF-26F4287A6401}) (Version: 04.08.2134.00 - Microsoft Corporation)
WordPerfect Lightning - IPM (x32 Version: 1.0 - Corel Corporation) Hidden
WordPerfect Lightning - Messages (x32 Version: 1.0 - Corel Corporation) Hidden
WordPerfect Lightning - MSOM (x32 Version: 1.1 - Corel Corporation) Hidden
WordPerfect Lightning (x32 Version: 2.0 - Corel Corporation) Hidden
WordPerfect Office X5 - Common (x32 Version: 15.1 - Corel Corporation) Hidden
Wordperfect Office X5 - EN (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Filters (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Graphics (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - IPM (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - LegalTools (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Migration Manager (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Oxford (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - PerfectExperts EN (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - PR (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - QP (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Setup Files (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Sharepoint (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Skins (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - System EN (x32 Version: 15.0 - Corel Corporation) Hidden
WordPerfect Office X5 - Templates (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - WP (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - WT (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 (HKLM-x32\...\_{DE6DE4A1-0343-4DBE-9DC2-E667AA03F579}) (Version: 15.0.0.431 - Corel Corporation)
WordPerfect Office X5 (x32 Version: 15.1 - Corel Corporation) Hidden
Xmarks for IE (HKLM-x32\...\{F0FEA296-3D00-4B6F-A70B-B73F0F305EA2}) (Version: 127.0.176 - Xmarks)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Restore Points =========================

17-09-2015 09:32:45 Windows Update
21-09-2015 19:00:21 Windows Update
29-09-2015 08:31:16 Windows Update
29-09-2015 08:31:52 Windows Update
29-09-2015 15:54:37 Restore Operation

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2015-09-05 01:38 - 00000856 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03D94218-A034-415D-BC28-DC730D07DC9A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {059F428C-6201-4480-B633-3154F47249AE} - System32\Tasks\START SKYDRIVE => C:\WINDOWS\System32\SkyDrive.exe
Task: {063A2B88-1EC7-4D8B-A198-E2CC7D444608} - System32\Tasks\{1FDA97D9-C5C7-4DC7-AEB6-BFF961B0B1CF} => pcalua.exe -a "C:\Program Files (x86)\Canon\MF Toolbox Ver4.9\Uninst.exe"
Task: {07BD9D02-0E91-4045-8B68-15CCCAB108B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-06-24] (Hewlett-Packard)
Task: {0AD34D34-373A-4E60-8A8F-56F7F42FB364} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {193B42C4-FF7D-4634-A3B2-7E2180FE033D} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2015-07-10] (Microsoft Corporation)
Task: {1A6815B2-1FCE-47A0-83F9-627025D40FC0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {1F39C24D-3BD7-46C8-9CC6-1EE3360C8180} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-29] (Adobe Systems Incorporated)
Task: {207A6DA4-EA7A-47CD-AC97-D9C55101EDC2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {241B40A3-FEDE-4239-9474-59539C8668F9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {2668C326-4B35-4E0D-9E61-22BFD8B71169} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {26A082B9-B2A8-487D-A850-CCF48E1AFCAC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2395183170-2378603555-2842505502-1000Core => C:\Users\Tom\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-07] (Dropbox, Inc.)
Task: {2ABD43E7-9D0B-4057-8D84-BBD5B3338944} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {2C2B0FC0-0415-48E6-B8C8-797418A4162C} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {2DA97C99-AD05-42F0-9327-B7D3BB06E60D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3E3BB8C5-0434-4846-B370-A88E7A6820D4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {4F21BA03-688D-47F8-AFA1-8979196F443B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {5492D24F-EEBC-4598-B339-B17D4731580C} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {56F12978-AA2B-4E93-8122-2EDE98922D98} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {5AC9D130-7033-4AFC-8A4C-7068660D3377} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {62D75334-0429-4050-A1A9-9A4110E8072E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {651F15A4-0FEC-4447-B3BB-8A153534BA92} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {67E7D53B-4CC3-43BC-90B5-3D2FAC55DA68} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6C19620D-B929-4D97-AC88-38BD5C67604D} - System32\Tasks\HP AR Program Upload - a73ab8b3d315444f89a4ec6a229687b0b7927a66769946dc9b7edd3d8ae37e55 => C:\Program Files\HP\HP Officejet Pro 6830\bin\HPRewards.exe [2014-07-18] (TODO: <Company name>)
Task: {6D306FF6-D47B-443B-884C-5A267DC91B71} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7AC4C1A9-C836-4367-B543-5DB06BBF2EEE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\First Boot => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2015-07-11] (Hewlett-Packard Company)
Task: {7AD6A013-58A1-4AAD-A945-D399540B6586} - System32\Tasks\{137E5E92-1F2E-4FF6-A51C-1E3E08E6C9B7} => pcalua.exe -a C:\Users\Tom\Desktop\ToolBox_4911mf16_Win_EN\Setup.exe -d C:\Users\Tom\Desktop\ToolBox_4911mf16_Win_EN
Task: {7FFA5F5B-2F0F-4CEF-893E-8FE982E31A28} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {80012D4E-64AB-4A1C-9AB6-31C6AB5C1050} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {823384EE-1933-4ADD-B3B1-3FD9058E2DE2} - System32\Tasks\{F552A0C9-CDD4-489C-BB2E-775D5F13EB6C} => pcalua.exe -a D:\setup.exe -d D:\
Task: {82B51EF5-7466-4714-BB39-FEB35F628E4E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {82E24CC3-C7F7-4472-A507-477C801E4D7C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {86EB4252-1117-4DE6-BB01-FFE88C7CF533} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {8DE5FB7D-4110-4512-B5FF-B1AE064FBD84} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {995B9208-9A1D-4D01-AADE-6EAFD0ED667F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A350CF7A-7C8D-4B00-8DD3-06E7709D535C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A4BA8CDE-C519-48D2-B259-F7B9B87FEE47} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {A62ADFB8-C0D3-497B-85A8-A1CAAF0F6ADC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2395183170-2378603555-2842505502-1000UA => C:\Users\Tom\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-07] (Dropbox, Inc.)
Task: {A815EEE1-7439-4F95-8CA6-D6D3E53EC550} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {A9B40EC1-2387-4DCA-BDFF-D1F050CBBB3C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {A9FA280A-D96C-426F-B76C-2BBFD7C017E4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {AA6B5C00-DD2D-4741-969F-328387928864} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {AAF2F022-796B-44A1-A391-840A88AAC962} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {AFA6DD93-1AA6-4880-9843-36C2C73D7A92} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B47B6B1E-1461-4608-A375-D1CA8C2E7414} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B71BD0EA-ECD1-4AA3-97A9-E53BF9AE2DD6} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {C498B8B9-3E6F-4330-BDE0-271B76884A42} - System32\Tasks\HPCustParticipation HP Officejet Pro 6830 => C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPCustPartic.exe [2014-07-18] (Hewlett-Packard Development Company, LP)
Task: {CCB6E1C4-05D8-48C9-AB9A-E22B5BA0CFB3} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {D092317C-4C1F-4C08-8FDF-2BA7691D26BF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {DEA12AD2-7C36-47F4-92A5-788DB03B849B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {EE456DE2-194E-42AC-850B-59089279192E} - System32\Tasks\{C6C04AAB-D9B4-4ABD-82AC-952EA5296AA7} => pcalua.exe -a "C:\Users\Tom\Desktop\Printer Driver\ToolBox_4911mf16_Win_EN\Setup.exe" -d "C:\Users\Tom\Desktop\Printer Driver\ToolBox_4911mf16_Win_EN"
Task: {F477E358-C01E-4284-94D3-D3D17DFE8B9C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {FA2B30AF-C20C-481B-A38B-4DA7470AC239} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2395183170-2378603555-2842505502-1000Core.job => C:\Users\Tom\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2395183170-2378603555-2842505502-1000UA.job => C:\Users\Tom\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-10 04:00 - 2015-07-10 04:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-08-11 19:29 - 2015-08-11 19:29 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 11:03 - 2015-08-11 02:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2014-04-27 14:10 - 2014-04-27 14:10 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
2015-08-29 06:48 - 2015-08-18 00:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 06:48 - 2015-08-18 00:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2010-12-15 15:19 - 2010-12-15 15:19 - 00124320 _____ () C:\Program Files\TOSHIBA\TECO\MUIHelp.dll
2015-06-01 21:00 - 2015-08-12 22:08 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-30 08:19 - 2015-06-10 11:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2011-06-09 21:09 - 2011-06-09 21:09 - 00079784 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2015-08-12 22:05 - 2015-08-02 18:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 04:00 - 2015-07-10 06:14 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-19 11:03 - 2015-08-11 01:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-12 22:05 - 2015-08-02 18:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 04:00 - 2015-07-10 06:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-12 22:04 - 2015-08-02 18:09 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-08-12 22:05 - 2015-08-02 18:09 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-08-11 19:29 - 2015-08-11 19:29 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-07-10 06:17 - 2015-07-10 06:17 - 07897088 _____ () C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.0_1.0.22929.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
2015-08-11 20:39 - 2015-08-11 20:39 - 00115712 _____ () C:\Program Files\WindowsApps\Microsoft.People_1.10241.0.0_x64__8wekyb3d8bbwe\PeopleUtilRT.Windows.dll
2015-08-11 20:39 - 2015-08-11 20:39 - 02787328 _____ () C:\Program Files\WindowsApps\Microsoft.People_1.10241.0.0_x64__8wekyb3d8bbwe\ContactCardDataRT.Windows.dll
2015-08-11 20:39 - 2015-08-11 20:39 - 00972800 _____ () C:\Program Files\WindowsApps\Microsoft.People_1.10241.0.0_x64__8wekyb3d8bbwe\Microsoft.Apps.People.BackgroundTasks.dll
2015-08-11 20:39 - 2015-08-11 20:39 - 00324608 _____ () C:\Program Files\WindowsApps\Microsoft.People_1.10241.0.0_x64__8wekyb3d8bbwe\Microsoft.People.Controls.dll
2015-07-10 03:59 - 2015-07-10 03:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 03:59 - 2015-07-10 03:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2014-04-27 14:10 - 2014-04-27 14:10 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\log4cplusU.dll
2014-01-30 08:19 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-01-30 08:19 - 2014-12-04 15:18 - 00241152 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2015-07-09 11:49 - 2015-06-30 16:21 - 00915968 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\deviceupdate_dll.dll
2013-06-11 09:31 - 2013-06-11 09:31 - 00090112 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll
2011-01-05 15:01 - 2011-01-05 15:01 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PimNotes.dll
2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2014-01-30 08:19 - 2015-04-21 13:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2012-04-04 14:33 - 2012-04-04 14:33 - 00139776 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll
2013-01-08 17:02 - 2013-01-08 17:02 - 00163840 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll
2012-07-26 11:51 - 2012-07-26 11:51 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll
2014-01-30 08:19 - 2013-05-20 12:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
2014-09-15 16:20 - 2014-09-15 16:20 - 00645120 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2014-06-27 15:36 - 2014-06-27 15:36 - 00107520 _____ () C:\Program Files (x86)\Xmarks\IE Extension\zlib1.dll
2015-09-29 22:22 - 2015-09-29 22:22 - 00011264 _____ () C:\Users\Tom\AppData\Local\Temp\nsaE246.tmp\System.dll
2015-09-29 22:22 - 2015-09-29 22:22 - 00004096 _____ () C:\Users\Tom\AppData\Local\Temp\nsaE246.tmp\Banner.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Tom\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Tom\Desktop\Bob.jpg:SummaryInformation
AlternateDataStreams: C:\Users\Tom\Desktop\Bob.jpg:Updt_SummaryInformation
AlternateDataStreams: C:\Users\Tom\Desktop\Bob.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Tom\Desktop\Cavity 1.jpg:SummaryInformation
AlternateDataStreams: C:\Users\Tom\Desktop\Cavity 1.jpg:Updt_SummaryInformation
AlternateDataStreams: C:\Users\Tom\Desktop\Cavity 1.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Tom\Desktop\Cavity 2.jpg:SummaryInformation
AlternateDataStreams: C:\Users\Tom\Desktop\Cavity 2.jpg:Updt_SummaryInformation
AlternateDataStreams: C:\Users\Tom\Desktop\Cavity 2.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Tom\Downloads\FW Catholic Coffee Morning In Rome.eml:OECustomProperty
AlternateDataStreams: C:\Users\Tom\Downloads\Fwd Best Selfie ever.eml:OECustomProperty
AlternateDataStreams: C:\Users\Tom\Downloads\Fwd Dating Memories.eml:OECustomProperty
AlternateDataStreams: C:\Users\Tom\Downloads\Fwd Man's fantasy (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\Tom\Downloads\Fwd Man's fantasy (2).eml:OECustomProperty
AlternateDataStreams: C:\Users\Tom\Downloads\Fwd Man's fantasy.eml:OECustomProperty
AlternateDataStreams: C:\Users\Tom\Downloads\Hurth rebuild.eml:OECustomProperty
AlternateDataStreams: C:\Users\Tom\Downloads\Pool 1.jpg:SummaryInformation
AlternateDataStreams: C:\Users\Tom\Downloads\Pool 1.jpg:Updt_SummaryInformation
AlternateDataStreams: C:\Users\Tom\Downloads\Pool 1.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tom\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\thunderball 7.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "vProt"
HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{22F13FBC-47F9-460B-8B39-0E1CA7963CD0}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS010F\HPDiagnosticCoreUI.exe
FirewallRules: [{A5F0CE45-E7AE-4EEC-8169-84622CD1B5FA}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS010F\HPDiagnosticCoreUI.exe
FirewallRules: [{8B75CB1D-8CD1-4F71-ABFC-D9C903E5960F}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{39C4F690-F3F7-4F06-B012-823E14FB2EAF}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{30347C0A-8126-4C48-9900-9201DF70E34F}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{633681AB-B94B-442B-B004-2AEA64DC1501}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{379CF5E3-1EFD-43FD-A2E4-ABD8B7DF7F84}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{DF1E0079-6259-4571-A211-2411F59564DA}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{DBDBE194-D09D-467B-923F-B377C89BACF8}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS1D3E\HPDiagnosticCoreUI.exe
FirewallRules: [{3426872E-35E8-4218-8FC5-03ABA8219A88}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS1D3E\HPDiagnosticCoreUI.exe
FirewallRules: [{171372CD-012E-4415-AA0E-3E32ACD805C6}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS1D00\HPDiagnosticCoreUI.exe
FirewallRules: [{B0673230-CD76-452D-8EAE-4153D4D8040D}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS1D00\HPDiagnosticCoreUI.exe
FirewallRules: [{BD0F028A-6256-4E76-9B75-FC2DCB492396}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS40AA\HPDiagnosticCoreUI.exe
FirewallRules: [{3F555789-6F7B-44F1-B632-58717069BA30}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS40AA\HPDiagnosticCoreUI.exe
FirewallRules: [{8C97AD49-008C-4CC7-BEDC-D146D0F8145A}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS763B\HPDiagnosticCoreUI.exe
FirewallRules: [{16C7A288-1543-4FC3-9A60-5A8589CC87A0}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS763B\HPDiagnosticCoreUI.exe
FirewallRules: [{4EC70903-65B9-4071-A35E-9B3AEE6C7255}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS717F\HPDiagnosticCoreUI.exe
FirewallRules: [{B77EC497-A153-4690-A39C-DF7826DB3823}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS717F\HPDiagnosticCoreUI.exe
FirewallRules: [{83F61A6C-83A4-4F77-8635-DA9788D814DE}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS70C5\HPDiagnosticCoreUI.exe
FirewallRules: [{3B631803-DBB4-4934-87F9-B0041ADF697A}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS70C5\HPDiagnosticCoreUI.exe
FirewallRules: [{5354B881-56BF-41B1-B73B-0AB94DC07C0E}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS708B\HPDiagnosticCoreUI.exe
FirewallRules: [{9913B209-9284-471B-AE76-C7099E707E01}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS708B\HPDiagnosticCoreUI.exe
FirewallRules: [{F2F11E43-D3B3-424F-9178-BD95B5479415}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS0EB0\HPDiagnosticCoreUI.exe
FirewallRules: [{56BAD894-4296-4A9C-B232-A7B85B2DFBCB}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS0EB0\HPDiagnosticCoreUI.exe
FirewallRules: [{0C1421A8-C162-4A73-9B9B-518BAC5D4B7D}] => (Allow) LPort=26675
FirewallRules: [{FD1AF33E-55CE-4C83-8630-160C354EEE74}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{BF747F2E-B3A6-439C-BB67-8211AA6EDFE5}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{C9170C16-7EA9-4AD3-B509-1FD4B9A15EAF}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS5C1D\HPDiagnosticCoreUI.exe
FirewallRules: [{A3D34E91-3022-4CD1-9F75-35A3F191AAF0}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS5C1D\HPDiagnosticCoreUI.exe
FirewallRules: [{4175B015-973F-44DB-9B6C-A66318C1762A}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS48E2\HPDiagnosticCoreUI.exe
FirewallRules: [{F5EF40BE-20FE-40B2-A8AE-C02E16E155FA}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS48E2\HPDiagnosticCoreUI.exe
FirewallRules: [{4DD95162-8F7C-4565-A116-B6A0AC84B763}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS0B09\HPDiagnosticCoreUI.exe
FirewallRules: [{EA1B006C-3B88-42B3-B417-45E792E951B1}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS0B09\HPDiagnosticCoreUI.exe
FirewallRules: [{26E2EDE2-151D-496B-A63C-CB8573BC9CD0}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS3F77\HPDiagnosticCoreUI.exe
FirewallRules: [{6C680EBF-6259-48CA-A804-6E6A7455F49B}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS3F77\HPDiagnosticCoreUI.exe
FirewallRules: [{DF10A9D3-E6CD-4EE1-9DC5-1EC309DAD6F1}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS33B8\HPDiagnosticCoreUI.exe
FirewallRules: [{A5979010-A95C-4677-9B55-F18DE03DE5BE}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS33B8\HPDiagnosticCoreUI.exe
FirewallRules: [{1F53FFB4-86AC-4E7D-9485-CD36018F2D86}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS1C18\HPDiagnosticCoreUI.exe
FirewallRules: [{0B49D48E-3779-4663-90A4-1C958EF650D5}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS1C18\HPDiagnosticCoreUI.exe
FirewallRules: [{5E6597CD-CF20-4088-85A7-2A23563CEF26}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{CC74F88F-CECF-489B-8808-6D49EEF9AF40}] => (Allow) LPort=5357
FirewallRules: [{D5D2CB5B-F563-4267-99DA-4CB29EECFC1E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\Bin\DeviceSetup.exe
FirewallRules: [{8AA05DDD-9A82-43EE-B0BB-7E3CEE8263CA}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\SendAFax.exe
FirewallRules: [{96A071A9-643C-4FE0-A167-767A9D61CFA9}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\DigitalWizards.exe
FirewallRules: [{648BC6A5-9A71-4485-9AD9-5A06A87D2D6E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\FaxApplications.exe
FirewallRules: [{2772F598-3FA3-449D-AC5E-A01F593418A7}] => (Allow) C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4353DDFA-39FC-4B8F-B83A-6CF1D9A8C8F6}] => (Allow) C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{24E5F326-32DB-41C3-BC50-6270FC9F656E}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{EB1469D1-3425-4E61-BD81-7C23F9E7655F}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{4663A039-A918-4685-9F89-7B2DC5E59E3B}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{110F8F09-B795-4E18-8601-EDAF855F64AC}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{FB2BA749-83D8-47F8-ACAD-85E449E51F52}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{FAAC4BF9-0125-462E-93AB-F06AFAB37AE4}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{A1CBBA93-744F-4F2B-A0EC-FE768859C323}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{BD13DB9D-E607-479C-98B2-77767D280E05}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{11347CE2-0EEE-4FE1-97D0-6ECAEEBE2826}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{05187881-50DD-4B24-8D0A-B1DC6A0E8AC1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerCinema\Kernel\DMS\CLMSService.exe
FirewallRules: [{A30E54C2-FF0A-4DB3-84C9-3D9496A52C1D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerCinema\Kernel\DMP\CLBrowserEngine.exe
FirewallRules: [{4DCA5F35-5A11-4356-8F09-32EED13BAA05}] => (Allow) C:\Program Files (x86)\CyberLink\PowerCinema\PCMService.exe
FirewallRules: [{B2A81AFC-008E-4D98-8D0E-F3502F769487}] => (Allow) C:\Program Files (x86)\CyberLink\PowerCinema\PowerCinema.exe
FirewallRules: [{B3A2BCDE-85F5-4C80-AF5D-AAA369EFFE21}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{65772AA5-1492-4D50-B62D-342D2170CA85}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{7EF2027C-BC1B-4891-9BE3-9EBB31C2D0D4}] => (Allow) LPort=1900
FirewallRules: [{7B538319-96E3-4FE0-A5C8-028F16A68612}] => (Allow) LPort=2869
FirewallRules: [{1014BD7D-3480-43F8-B517-61100DCE988F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4DC63B66-19DD-4EEF-A990-7361E5737828}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{DB54F1B5-9B76-4FD6-A2DF-C80A96A7C43E}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
FirewallRules: [{10251F7B-9EA5-426E-9DA8-D02EFB067289}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
FirewallRules: [{AA65C126-B417-4AB1-A59A-1DAAC9BCF4AA}] => (Allow) LPort=7000
FirewallRules: [{40087D0B-AADF-4151-A81E-956A7D6BEB43}] => (Allow) LPort=7000
FirewallRules: [{42ECEC91-7FBC-4ADF-8D3B-71AC8BCE30BC}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [TCP Query User{3116646A-20EF-49D1-BBE2-4F70F878EEB0}C:\users\tom\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tom\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{DFB32837-BDB1-46F1-BEA0-2C0B0A585890}C:\users\tom\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tom\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{8FBAAF33-CCC2-429B-AAE7-9BB854FD28C5}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{71D14E7B-5A24-4E38-BBAF-482DE652A6F8}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{6CD1AE6C-C267-4AF5-92D6-52F34EEDEF98}] => (Allow) C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{730AE53B-511E-48BD-BB0D-A250C65F205A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{DD8D9B2D-8517-456D-B129-F374859B818E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{205E089A-2D80-43C2-8B60-5D7CAEF70870}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{13549FB7-3717-447E-AD66-1976199BAB1C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{20497D5B-8C1A-4C7C-880A-4AB906C09F8A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{3250C1A7-5C07-46CB-9A64-29B3D34B94AE}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{DB412C68-59A9-4240-87FE-8EC79DACD8B5}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{FD3A6970-7B99-448B-8585-A066C70FB7DA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{B563D9CD-A1B5-4176-A987-27D703AC5454}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS78F7\HPDiagnosticCoreUI.exe
FirewallRules: [{EAEBE1EC-9523-43CE-A270-E2DE5381D351}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS78F7\HPDiagnosticCoreUI.exe
FirewallRules: [{F71CAA0F-402A-43A6-B80C-EECD23EBC70D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{2B6ADDAA-605B-402E-A6B8-6505317302D6}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{7A63B44B-A36B-4CA6-8145-17A9077A0B0E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{A1A75A66-B5BC-4E23-8BD7-43EF7D84AE66}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{051EC500-3EDB-415A-9D76-BCB26FEFFD05}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{63D7E9AA-558B-487F-BE01-E2FDEBA09BA9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{CB2EC0DA-83AD-457B-871F-99604D416DB8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/29/2015 08:42:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 45.0.2454.93 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1cd0

Start Time: 01d0fb0d7b67127e

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: 4fbf7554-6725-11e5-bf3e-9cb70de5025c

Faulting package full name:

Faulting package-relative application ID:

Error: (09/29/2015 07:01:33 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6704) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (09/29/2015 07:01:33 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (6704) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

Error: (09/29/2015 07:01:23 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6704) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (09/29/2015 07:01:23 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (6704) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

Error: (09/29/2015 07:01:13 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6704) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (09/29/2015 07:01:13 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (6704) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

Error: (09/29/2015 07:01:02 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6704) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (09/29/2015 07:01:02 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (6704) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

Error: (09/29/2015 07:00:52 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6704) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.


System errors:
=============
Error: (09/29/2015 09:23:23 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (09/29/2015 09:13:19 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (09/29/2015 09:04:58 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (09/29/2015 08:57:15 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (09/29/2015 08:56:16 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (09/29/2015 08:56:13 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (09/29/2015 08:55:15 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (09/29/2015 08:55:12 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (09/29/2015 08:55:09 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (09/29/2015 08:54:04 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.


CodeIntegrity:
===================================
Date: 2015-08-11 19:47:26.425
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\athwbx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 30%
Total physical RAM: 8139.84 MB
Available physical RAM: 5675.17 MB
Total Virtual: 13896.84 MB
Available Virtual: 11112.48 MB

==================== Drives ================================

Drive c: (TI106328W0C) (Fixed) (Total:914.47 GB) (Free:718.62 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (KINGSTON) (Removable) (Total:3.77 GB) (Free:2.66 GB) FAT32
Drive f: (HP_RECOVERY) (Fixed) (Total:4.86 GB) (Free:4.75 GB) NTFS
Drive g: (Toshiba AIO) (Fixed) (Total:181.44 GB) (Free:160.66 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 2CC908DC)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=914.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=15.1 GB) - (Type=17)

========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 186.3 GB) (Disk ID: DD5BDD5B)
Partition 1: (Not Active) - (Size=4.9 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=181.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
yotboss
Active Member
 
Posts: 7
Joined: September 30th, 2015, 1:34 am
Top
Advertisement
Register to Remove

Re: Sudden blank screen and sporadic slowdown - yikes!

Unread postby MWR 3 day Mod » October 6th, 2015, 12:42 am

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am
Top

Re: Sudden blank screen and sporadic slowdown - yikes!

Unread postby mAL_rEm018 » October 6th, 2015, 4:05 pm

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.

Failure to post replies within 3 days will result in this thread being closed.


Hello yotboss,

My name is mAL_rEm018, but feel free to call me mAL :). I'm an undergraduate trainee and as such my posts to you have to first be checked by a Teacher, because of this my replies to your posts may be slightly delayed. Please be patient and I'm sure we'll be able to resolve your problems.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.


Because of this, I advise you to backup any personal files and folders before you start.

To make sure everything goes smoothly, I would like you to observe the following rules:
  • You must have Administrator rights, permissions for this computer.
  • Please reply to this thread. Do not start another topic.
  • Perform all actions in the order given.
  • If you don't know, stop and ask!
  • DO NOT run any other fix or removal tools unless instructed to do so!
  • Don't attempt to install any new software (other than those I ask you to) until your computer is clean.
  • DO NOT post for help at any other forum. Applying fixes from multiple help sites can cause problems.
  • I advise you to print the instructions if possible, since your internet connection might not be available during some of the fixes.
  • Absence of symptoms does not mean that everything is clear, therefore stick with this topic until I give you the "all clear".

Before going any further, make sure you read and get acquainted with the following topic: HOW TO GET HELP IN THIS FORUM - everyone must read this, where the conditions for receiving help here are explained.


I need to see a fresh FRST log..

  • Right-click on FRST64.exe and select Run as administrator.
  • Ensure that Addition.txt is checked.
  • Select Scan.
  • When the scan is over two windows will open, FRST.txt and Addition.txt.
  • Please post the contents of both logs in your next reply.

-----------------------------------------
In your next reply, I would like to see..
  • FRST.txt
  • Addition.txt
    Please post everything in the order given.
User avatar
mAL_rEm018
Admin/Teacher
Admin/Teacher
 
Posts: 2689
Joined: November 11th, 2013, 6:26 pm
Location: Saint-Petersburg, Russia
Top

Re: Sudden blank screen and sporadic slowdown - yikes!

Unread postby yotboss » October 6th, 2015, 8:55 pm

Thanks so much for your help; Here's what I got:




Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
Ran by Tom (administrator) on TOM-PC (06-10-2015 17:47:52)
Running from C:\Users\Tom\Desktop
Loaded Profiles: Tom (Available Profiles: Tom)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TosTogKeyMon.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TRCMan\TRCMan.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 6830\Bin\ScanToPCActivationApp.exe
(Ruiware) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
(Darfon Electronics Corp.) C:\Windows\AIOKBApp.exe
(Darfon Electronics Corp.) C:\Windows\TiltMouseAPP.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(PC Tools) C:\Program Files (x86)\ThreatFire\TFTray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Xmarks.com) C:\Program Files (x86)\Xmarks\IE Extension\xmarkssync.exe
(Intuit Inc.) C:\Program Files (x86)\Quicken\bagent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPNetworkCommunicatorCom.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [981888 2011-08-03] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1544624 2011-06-29] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597936 2011-07-27] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38824 2011-06-28] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-06-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosTogKeyMon] => C:\Program Files\TOSHIBA\FlashCards\TosTogKeyMon.exe [2409856 2011-07-26] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [590256 2011-05-17] (TOSHIBA Corporation)
HKLM\...\Run: [TRCMan] => C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [718720 2011-08-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [AIOKBApp] => C:\windows\AIOKBApp.exe [114176 2010-06-28] (Darfon Electronics Corp.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe [3218864 2011-06-22] (Toshiba)
HKLM-x32\...\Run: [TiltMouse] => C:\windows\TiltMouseAPP.exe [119296 2011-09-08] (Darfon Electronics Corp.)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-04] (TOSHIBA)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickFinder Scheduler] => c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\QFSCHD150.EXE [136600 2010-10-26] (Corel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3812264 2015-09-30] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ThreatFire] => C:\Program Files (x86)\ThreatFire\TFTray.exe [378128 2011-02-22] (PC Tools)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2557976 2014-04-27] ()
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1125800 2015-09-22] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [9919C2326C0CBD6C8225179850E066432A2C85FF._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-23] (Google Inc.)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1015104 2015-07-27] (Samsung)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-04-05] (Google Inc.)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22568208 2015-09-11] (Google)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [GoogleChromeAutoLaunch_F6A43803F41C0EE8AA9068339E55A010] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-23] (Google Inc.)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [HP Officejet Pro 6830 (NET)] => C:\Program Files\HP\HP Officejet Pro 6830\Bin\ScanToPCActivationApp.exe [3493952 2014-07-18] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [HP Officejet Pro 6830 (NET) #2] => C:\Program Files\HP\HP Officejet Pro 6830\Bin\ScanToPCActivationApp.exe [3493952 2014-07-18] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1216648 2015-08-05] (Ruiware)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [805888 2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-09-11] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-09-11] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-09-11] (Google)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Tom\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\amd64\FileSyncShell64.dll [2015-09-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Tom\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\amd64\FileSyncShell64.dll [2015-09-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Tom\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\amd64\FileSyncShell64.dll [2015-09-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Tom\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\FileSyncShell.dll [2015-09-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Tom\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\FileSyncShell.dll [2015-09-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Tom\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\FileSyncShell.dll [2015-09-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-01-10]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2012-11-01]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{63ee65b5-b63c-4916-97f4-68af95ba7f95}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{b0777f1f-9d32-4427-9e6e-bd645a97df6e}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{C5CD7E69-03EC-4F15-860A-BBD3B229D560}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.emachines.com/rdr.aspx? ... 5r48m1s240
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx? ... 5r48m1s240
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx? ... 5r48m1s240
URLSearchHook: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
SearchScopes: HKLM -> {34814D24-72D1-418B-B5CD-19F1645B9532} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ie ... =1&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 -> {34814D24-72D1-418B-B5CD-19F1645B9532} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ie ... =1&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=^F3&apn_dtid=^YYYYYY^YY^US&apn_uid=f4b9198a-4b01-4057-a21f-21be3ac8b263&apn_sauid=890AB66F-691B-48AB-9A11-AAAB7E1F67A7
SearchScopes: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> {3F86C6E8-0F86-4ED2-88D2-059A2AE805FB} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> {406DF028-D48F-482A-8F44-1FE7882A8B9E} URL = hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=^F3&apn_dtid=^YYYYYY^YY^US&apn_uid=f4b9198a-4b01-4057-a21f-21be3ac8b263&apn_sauid=890AB66F-691B-48AB-9A11-AAAB7E1F67A7
SearchScopes: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> {44B9AC37-4AC8-4910-BB0D-F980BFE3D499} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP_enUS507
SearchScopes: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW_enUS389US389
SearchScopes: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ie ... =1&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> {A5780388-3FF6-458E-8AB7-1EE4206A3A55} URL = hxxp://searchou.com/?q={searchTerms}&id=d02bbf4f000000000000aeb70de4ce68&r=109
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-15] (Oracle Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2012-10-28] ()
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-15] (Oracle Corporation)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2011-07-12] (<TOSHIBA>)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-16] (Oracle Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2012-10-28] ()
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-21] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-16] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2011-07-12] (<TOSHIBA>)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2012-10-28] ()
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.0.444\AVG SafeGuard toolbar_toolbar.dll [2014-04-27] (AVG Secure Search)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21] (Google Inc.)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2012-10-28] ()
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.0.444\AVG SafeGuard toolbar_toolbar.dll [2014-04-27] (AVG Secure Search)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-21] (Google Inc.)
Toolbar: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21] (Google Inc.)
IE Session Restore: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> is enabled.
Handler-x32: g7ps - {9EACF0FB-4FC7-436E-989B-3197142AD979} - C:\Program Files (x86)\Common Files\G7PS\Shared Files\G7PSDLL\G7PS.dll [2001-11-05] (G7 Productivity Systems, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll [2014-04-27] (AVG Secure Search)

Edge:
======
Edge Session Restore: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> is enabled.

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-29] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-15] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [2015-07-28] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-29] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dll [No File]
FF Plugin-x32: @caminova.com/DjVuPlugin -> C:\Program Files (x86)\Caminova\Document Express DjVu Plug-in\npdjvu.dll [2013-06-03] (Caminova, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2012-11-02] (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-16] (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll [2012-09-28] (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [2015-07-28] ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-05] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2395183170-2378603555-2842505502-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2013-08-22] (Sony Network Entertainment International LLC)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-11-02]

Chrome:
=======
CHR HomePage: Default -> hxxp://my.yahoo.com/
CHR StartupUrls: Default -> "hxxp://mysearch.avg.com/?cid={7872D6F4-BC39-4299-AF57-07ED3B1772A8}&mid=169d1e3c66e647d09dcad16f2aeb880f-488af55708896336d8bd075caae1a0c5be5e601b&lang=en&ds=AVG&pr=fr&d=2013-01-22 21:18:59&v=14.0.0.14&pid=safeguard&sg=1&sap=hp","hxxp://searchou.com/?id=d02bbf4f000000000000aeb70de4ce68","hxxp://mysearch.avg.com/?cid={7872D6F4-BC39-4299-AF57-07ED3B1772A8}&mid=169d1e3c66e647d09dcad16f2aeb880f-488af55708896336d8bd075caae1a0c5be5e601b&lang=en&ds=AVG&pr=fr&d=2013-08-26 21:27:07&v=15.6.1.2&pid=safeguard&sg=0&sap=hp","hxxp://mysearch.avg.com?cid={7872D6F4-BC39-4299-AF57-07ED3B1772A8}&mid=169d1e3c66e647d09dcad16f2aeb880f-488af55708896336d8bd075caae1a0c5be5e601b&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2013-11-04 18:26:15&v=17.0.1.12&pid=safeguard&sg=0&sap=hp"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.3\\npsitesafety.dll (AVG Technologies)
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Harmony Firefox Plugin) - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll => No File
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement Web App) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-09-06]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-09-01]
CHR Extension: (Google Docs) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-01]
CHR Extension: (Google Drive) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-01]
CHR Extension: (Bookmark Sentry (scanner)) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdglbbcbmgnimogcmcdenggkpdmihlga [2014-11-24]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-12-02]
CHR Extension: (YouTube) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-01]
CHR Extension: (Google Search) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-01]
CHR Extension: (High Contrast) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2014-09-06]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-09-06]
CHR Extension: (Google Docs Offline) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-14]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2012-10-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Skype Click to Call) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-10-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-08]
CHR Extension: (Poppit!) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-09-06]
CHR Extension: (AVG SafeGuard) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-04-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2013-07-14]
CHR Extension: (Gmail) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-01]
CHR HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - C:\Program Files (x86)\LastPass\lpchrome.crx [2012-10-28]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\18.1.0.444\avg.crx [2014-04-27]
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-07-13]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-11-01] (Adobe Systems) [File not signed]
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604712 2015-09-30] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3792880 2015-09-30] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1042344 2015-09-22] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [596344 2015-09-30] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 FoxitCloudUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [244392 2015-09-09] (Foxit Software Inc.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2375168 2011-05-30] (Realsil Microelectronics Inc.) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [126392 2011-07-19] (Symantec Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-20] (DEVGURU Co., LTD.)
R2 vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [1801240 2014-04-27] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 RtkAudioService; "C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [23152 2015-09-09] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [197040 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312752 2015-09-11] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [293296 2015-08-10] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [251312 2015-08-10] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50464 2014-04-27] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [314800 2015-08-31] (AVG Technologies CZ, s.r.o.)
R3 CXPOLARIS; C:\Windows\system32\drivers\cxRDU253S.sys [558112 2015-05-21] (Conexant Systems, Inc.)
R3 DFKBfilter; C:\Windows\system32\drivers\DFKBfilter.sys [24712 2010-06-24] (Darfon Electronics Corp.)
R3 DFMousefilter; C:\Windows\system32\drivers\DFMousefilter.sys [24200 2010-06-24] (Darfon Electronics Corp.)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-05-13] (LogMeIn Inc.)
R3 i8042HDR; C:\Windows\system32\DRIVERS\i8042HDR.sys [15920 2009-08-14] (Windows (R) Codename Longhorn DDK provider)
R3 nuviocir; C:\Windows\system32\DRIVERS\nuviocir_x64.sys [39704 2013-07-15] (Nuvoton Technology Corp.)
R3 NWVoltron; C:\Windows\System32\drivers\NWVoltron.sys [28920 2015-08-11] ()
R0 TfSysMon; C:\Windows\System32\drivers\TfSysMon.sys [74824 2011-02-22] (PC Tools)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [45728 2015-10-02] (Toshiba Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-06 17:47 - 2015-10-06 17:48 - 00044170 _____ C:\Users\Tom\Desktop\FRST.txt
2015-10-06 17:47 - 2015-10-06 17:47 - 00000000 ____D C:\Users\Tom\Desktop\FRST-OlderVersion
2015-10-06 17:29 - 2015-10-06 17:29 - 00016148 _____ C:\WINDOWS\system32\TOM-PC_Tom_HistoryPrediction.bin
2015-10-06 17:29 - 2015-10-06 17:29 - 00000000 ___HD C:\OneDriveTemp
2015-10-06 09:51 - 2015-10-06 09:51 - 00017935 _____ C:\Users\Tom\Downloads\september 29.odt
2015-10-05 16:45 - 2015-10-05 16:45 - 00000000 ____D C:\Users\Tom\AppData\Roaming\AVG
2015-10-05 16:42 - 2015-10-05 16:42 - 00000948 _____ C:\Users\Public\Desktop\AVG.lnk
2015-10-05 16:42 - 2015-10-05 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2015-10-05 16:41 - 2015-10-05 16:43 - 00000000 ____D C:\ProgramData\Avg
2015-10-05 16:41 - 2015-10-05 16:42 - 00000000 ____D C:\Users\Tom\AppData\Local\AvgSetupLog
2015-10-02 15:42 - 2015-10-02 15:42 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-02 08:03 - 2015-10-02 08:03 - 00045728 _____ (Toshiba Corporation) C:\WINDOWS\system32\Drivers\Thotkey.sys
2015-10-02 08:02 - 2015-10-02 08:02 - 00045184 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\Drivers\TVALZ_O.SYS
2015-10-02 07:41 - 2015-09-15 09:12 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-02 07:41 - 2015-09-15 09:12 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-01 15:06 - 2015-10-01 15:06 - 00059392 _____ C:\Users\Tom\Downloads\Invoice Wurfl Construction DelMarStairGuardRailDeposit.xls
2015-09-30 17:59 - 2015-09-24 17:13 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-09-30 17:59 - 2015-09-24 16:24 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-09-30 17:59 - 2015-09-24 16:17 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-09-30 17:59 - 2015-09-24 16:08 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-30 17:59 - 2015-09-24 16:06 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-09-30 17:59 - 2015-09-24 16:01 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-09-30 17:59 - 2015-09-24 16:00 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-09-30 17:59 - 2015-09-24 15:42 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-09-30 17:59 - 2015-09-24 15:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-09-30 17:59 - 2015-09-24 15:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-09-30 17:59 - 2015-09-16 23:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-09-30 17:59 - 2015-09-16 23:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-09-30 17:59 - 2015-09-16 23:49 - 08020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-09-30 17:59 - 2015-09-16 23:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-09-30 17:59 - 2015-09-16 23:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-09-30 17:59 - 2015-09-16 23:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-09-30 17:59 - 2015-09-16 23:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-09-30 17:59 - 2015-09-16 23:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-09-30 17:59 - 2015-09-16 23:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-09-30 17:59 - 2015-09-16 23:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-09-30 17:59 - 2015-09-16 23:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-09-30 17:59 - 2015-09-16 23:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-09-30 17:59 - 2015-09-16 23:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-09-30 17:59 - 2015-09-16 23:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-09-30 17:59 - 2015-09-16 23:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-09-30 17:59 - 2015-09-16 23:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-09-30 17:59 - 2015-09-16 23:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-09-30 17:59 - 2015-09-16 23:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-09-30 17:59 - 2015-09-16 23:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-09-30 17:59 - 2015-09-16 23:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-09-30 17:59 - 2015-09-16 23:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-09-30 17:59 - 2015-09-16 23:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-09-30 17:59 - 2015-09-16 23:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-09-30 17:59 - 2015-09-16 23:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-09-30 17:59 - 2015-09-16 23:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-09-30 17:59 - 2015-09-16 23:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-09-30 17:59 - 2015-09-16 23:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-09-30 17:59 - 2015-09-16 23:12 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-30 17:59 - 2015-09-16 23:07 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-30 17:59 - 2015-09-16 23:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-09-30 17:59 - 2015-09-16 23:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-09-30 17:59 - 2015-09-16 23:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-09-30 17:59 - 2015-09-16 23:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-09-30 17:59 - 2015-09-16 23:00 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-30 17:59 - 2015-09-16 23:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-09-30 17:59 - 2015-09-16 23:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-30 17:59 - 2015-09-16 22:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-09-30 17:59 - 2015-09-16 22:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-09-30 17:59 - 2015-09-16 22:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-09-30 17:59 - 2015-09-16 22:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-09-30 17:59 - 2015-09-16 22:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-09-30 17:59 - 2015-09-16 22:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-30 17:59 - 2015-09-16 22:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-09-30 17:59 - 2015-09-16 22:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-09-30 17:59 - 2015-09-16 22:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-09-30 17:59 - 2015-09-16 22:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-09-30 17:59 - 2015-09-16 22:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-09-30 17:59 - 2015-09-16 22:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-09-30 17:59 - 2015-09-16 22:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-09-30 17:59 - 2015-09-16 22:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-09-30 17:59 - 2015-09-16 22:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-09-30 17:59 - 2015-09-16 22:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-09-30 17:59 - 2015-09-16 22:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-09-30 17:59 - 2015-09-16 22:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-09-30 17:59 - 2015-09-16 22:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-30 17:59 - 2015-09-16 22:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-09-30 17:59 - 2015-09-16 22:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-09-30 17:59 - 2015-09-16 22:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-09-30 17:59 - 2015-09-16 22:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-09-30 17:59 - 2015-09-16 22:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-09-30 17:59 - 2015-09-16 22:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-09-30 17:59 - 2015-09-16 22:47 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-09-30 17:59 - 2015-09-16 22:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-09-30 17:59 - 2015-09-16 22:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-30 17:59 - 2015-09-16 22:45 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-30 17:59 - 2015-09-16 22:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-09-30 17:59 - 2015-09-16 22:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-09-30 17:59 - 2015-09-16 22:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-09-30 17:59 - 2015-09-16 22:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-09-30 17:59 - 2015-09-16 22:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-09-30 17:59 - 2015-09-16 22:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-09-30 17:59 - 2015-09-16 22:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-09-30 17:59 - 2015-09-16 22:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-09-30 17:59 - 2015-09-16 22:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-09-30 17:59 - 2015-09-16 22:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-09-30 17:59 - 2015-09-16 22:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-09-30 17:59 - 2015-09-16 22:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-09-30 17:59 - 2015-09-16 22:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-09-30 17:59 - 2015-09-16 22:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-30 17:59 - 2015-09-16 22:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-09-30 17:59 - 2015-09-16 22:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-09-30 17:59 - 2015-09-16 22:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-30 17:59 - 2015-09-16 22:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-09-30 17:59 - 2015-09-16 22:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-09-30 17:59 - 2015-09-16 22:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-09-30 17:59 - 2015-09-16 22:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-30 17:59 - 2015-09-16 22:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-09-30 17:59 - 2015-09-16 22:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-09-30 17:59 - 2015-09-16 22:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-09-30 17:59 - 2015-09-16 22:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-09-30 17:59 - 2015-09-16 22:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-09-30 17:59 - 2015-09-16 22:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-09-30 17:59 - 2015-09-16 22:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-09-30 17:59 - 2015-09-16 22:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-09-30 17:59 - 2015-09-16 22:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-09-30 17:59 - 2015-09-12 19:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-09-30 17:59 - 2015-09-12 18:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-09-30 17:58 - 2015-09-24 16:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-09-30 17:58 - 2015-09-24 16:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-09-30 17:58 - 2015-09-24 16:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-09-30 17:58 - 2015-09-24 16:23 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-30 17:58 - 2015-09-24 16:07 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-30 17:58 - 2015-09-24 16:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-09-30 17:58 - 2015-09-24 16:01 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-09-30 17:58 - 2015-09-24 16:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-09-30 17:58 - 2015-09-24 16:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-09-30 17:58 - 2015-09-24 15:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-09-30 17:58 - 2015-09-24 15:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-09-30 17:58 - 2015-09-24 15:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-09-30 17:58 - 2015-09-24 15:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-09-30 17:58 - 2015-09-24 15:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-09-30 17:58 - 2015-09-24 15:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-09-30 17:58 - 2015-09-24 15:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-09-30 17:58 - 2015-09-18 22:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-09-30 17:58 - 2015-09-16 23:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-09-30 17:58 - 2015-09-16 23:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-09-30 17:58 - 2015-09-16 23:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-09-30 17:58 - 2015-09-16 23:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-09-30 17:58 - 2015-09-16 23:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-09-30 17:58 - 2015-09-16 23:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-09-30 17:58 - 2015-09-16 23:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-09-30 17:58 - 2015-09-16 23:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-09-30 17:58 - 2015-09-16 23:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-09-30 17:58 - 2015-09-16 23:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-09-30 17:58 - 2015-09-16 23:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-09-30 17:58 - 2015-09-16 23:39 - 00081488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-30 17:58 - 2015-09-16 23:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-09-30 17:58 - 2015-09-16 23:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-09-30 17:58 - 2015-09-16 23:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-09-30 17:58 - 2015-09-16 23:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-09-30 17:58 - 2015-09-16 23:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-09-30 17:58 - 2015-09-16 23:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-09-30 17:58 - 2015-09-16 23:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-09-30 17:58 - 2015-09-16 23:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-09-30 17:58 - 2015-09-16 23:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-09-30 17:58 - 2015-09-16 23:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-09-30 17:58 - 2015-09-16 23:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-09-30 17:58 - 2015-09-16 23:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-09-30 17:58 - 2015-09-16 23:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-09-30 17:58 - 2015-09-16 23:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-09-30 17:58 - 2015-09-16 23:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-09-30 17:58 - 2015-09-16 23:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-09-30 17:58 - 2015-09-16 23:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-09-30 17:58 - 2015-09-16 23:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-09-30 17:58 - 2015-09-16 22:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-09-30 17:58 - 2015-09-16 22:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-09-30 17:58 - 2015-09-16 22:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-09-30 17:58 - 2015-09-16 22:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-09-30 17:58 - 2015-09-16 22:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-09-30 17:58 - 2015-09-16 22:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-09-30 17:58 - 2015-09-16 22:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-09-30 17:58 - 2015-09-16 22:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-09-30 17:58 - 2015-09-16 22:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-09-30 17:58 - 2015-09-16 22:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-09-30 17:58 - 2015-09-16 22:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-09-30 17:58 - 2015-09-16 22:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-09-30 17:58 - 2015-09-16 22:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-09-30 17:58 - 2015-09-16 22:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-09-30 17:58 - 2015-09-16 22:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-09-30 17:58 - 2015-09-16 22:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-09-30 17:58 - 2015-09-16 22:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-09-30 17:58 - 2015-09-16 22:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-09-30 17:58 - 2015-09-16 22:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-09-30 17:58 - 2015-09-16 22:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-09-30 17:58 - 2015-09-16 22:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-09-30 17:58 - 2015-09-16 22:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-09-30 17:58 - 2015-09-16 22:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-09-30 17:58 - 2015-09-16 22:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-09-30 17:58 - 2015-09-16 22:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-09-30 17:58 - 2015-09-16 22:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-09-30 17:58 - 2015-09-16 22:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-09-30 17:58 - 2015-09-16 22:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-09-30 17:58 - 2015-09-16 22:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-09-30 17:58 - 2015-09-16 22:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-09-30 17:58 - 2015-09-16 22:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-09-30 17:58 - 2015-09-16 22:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-09-30 17:58 - 2015-09-16 22:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-09-30 17:58 - 2015-09-16 22:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-09-30 17:58 - 2015-09-16 22:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-09-30 17:58 - 2015-09-16 22:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-09-30 17:58 - 2015-09-16 22:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-09-30 17:58 - 2015-09-16 22:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-09-30 17:58 - 2015-09-16 22:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-09-30 17:58 - 2015-09-16 22:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-09-30 17:58 - 2015-09-16 22:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-09-30 17:58 - 2015-09-16 22:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-09-30 17:58 - 2015-09-16 22:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-09-30 17:58 - 2015-09-16 22:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-09-30 17:57 - 2015-09-16 22:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-09-30 17:56 - 2015-09-24 17:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-09-30 17:56 - 2015-09-24 17:34 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-09-30 17:56 - 2015-09-24 16:00 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-09-30 17:56 - 2015-09-24 15:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-09-30 17:56 - 2015-09-16 23:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-09-30 17:56 - 2015-09-16 23:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-09-30 17:56 - 2015-09-16 23:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-09-30 17:56 - 2015-09-16 23:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-09-30 17:56 - 2015-09-16 23:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-09-30 17:56 - 2015-09-16 23:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-09-30 17:56 - 2015-09-16 23:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-09-30 17:56 - 2015-09-16 22:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-09-30 17:56 - 2015-09-16 22:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-09-30 17:56 - 2015-09-16 22:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-30 17:56 - 2015-09-16 22:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-09-30 17:56 - 2015-09-16 22:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-09-30 17:56 - 2015-09-16 22:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-09-30 17:56 - 2015-09-16 22:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-09-30 17:56 - 2015-09-16 22:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-09-30 17:56 - 2015-09-16 22:49 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-09-30 17:56 - 2015-09-16 22:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-09-30 17:56 - 2015-09-16 22:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-09-30 17:56 - 2015-09-16 22:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-09-30 17:56 - 2015-09-16 22:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-30 17:56 - 2015-09-16 22:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-09-30 17:56 - 2015-09-16 22:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-09-30 17:56 - 2015-09-16 22:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-09-30 13:40 - 2015-09-30 13:40 - 00002347 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-30 13:39 - 2015-09-30 13:40 - 00929872 _____ (Google Inc.) C:\Users\Tom\Downloads\ChromeSetup.exe
2015-09-30 01:27 - 2015-09-30 01:27 - 00000000 ____D C:\Users\Tom\AppData\Roaming\OpenOffice
2015-09-30 01:26 - 2015-09-30 01:26 - 07846992 _____ (Microsoft Corporation) C:\Users\Tom\Downloads\OneDriveSetup.exe
2015-09-30 01:25 - 2015-09-30 01:25 - 00001128 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-09-30 01:25 - 2015-09-30 01:25 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-09-30 01:24 - 2015-09-30 01:25 - 00929872 _____ (Google Inc.) C:\Users\Tom\Downloads\googledrivesync (2).exe
2015-09-30 01:24 - 2015-09-30 01:24 - 00000000 ____D C:\Users\Tom\Desktop\OpenOffice 4.1.1 (en-US) Installation Files
2015-09-30 01:24 - 2015-09-30 01:24 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2015-09-30 01:20 - 2015-09-30 01:23 - 140852175 _____ C:\Users\Tom\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe
2015-09-30 00:36 - 2015-09-30 00:43 - 00000000 ____D C:\Users\Tom\AppData\Roaming\WinPatrol
2015-09-30 00:36 - 2015-09-30 00:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2015-09-30 00:36 - 2015-09-30 00:36 - 00000000 ____D C:\ProgramData\InstallMate
2015-09-30 00:36 - 2015-09-30 00:36 - 00000000 ____D C:\Program Files (x86)\Ruiware
2015-09-30 00:35 - 2015-09-30 00:35 - 01292424 _____ (Ruiware) C:\Users\Tom\Downloads\wpsetup.exe
2015-09-29 23:01 - 2015-09-29 23:01 - 00204496 _____ (Malwarebytes) C:\Users\Tom\Downloads\startuplite-setup-1.07.exe
2015-09-29 22:27 - 2015-10-06 17:47 - 00000000 ____D C:\FRST
2015-09-29 22:24 - 2015-10-06 17:47 - 02193920 _____ (Farbar) C:\Users\Tom\Desktop\FRST64.exe
2015-09-29 22:22 - 2015-09-29 22:22 - 00688992 ____R (Swearware) C:\Users\Tom\Downloads\dds.scr
2015-09-29 16:18 - 2015-09-29 16:18 - 00507832 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\Drivers\tos_sps64.sys
2015-09-29 15:53 - 2015-09-29 15:53 - 00000000 ____D C:\$SysReset
2015-09-29 02:08 - 2015-09-29 02:08 - 00000000 ____D C:\Users\Tom\AppData\Local\Foxit Reader
2015-09-28 07:18 - 2015-09-28 07:18 - 00015248 _____ C:\Users\Tom\Downloads\september 22.odt
2015-09-21 07:08 - 2015-09-21 07:08 - 00016324 _____ C:\Users\Tom\Downloads\september 8.odt
2015-09-16 09:57 - 2015-10-05 16:46 - 00000000 ____D C:\Users\Tom\AppData\Local\Avg
2015-09-15 15:43 - 2015-09-29 15:59 - 00000000 ____D C:\Users\Public\Foxit Software
2015-09-15 15:43 - 2015-09-15 15:43 - 00002233 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2015-09-15 15:43 - 2015-09-15 15:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-09-14 18:10 - 2015-09-14 18:11 - 00000000 ____D C:\Users\Tom\Desktop\Rose
2015-09-09 17:22 - 2015-09-14 07:50 - 00001166 _____ C:\Users\Tom\Downloads\debug.log
2015-09-09 08:00 - 2015-08-26 23:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 08:00 - 2015-08-26 23:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil(2923).dll
2015-09-09 08:00 - 2015-08-26 23:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-09 08:00 - 2015-08-26 22:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 08:00 - 2015-08-26 22:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-09 08:00 - 2015-08-26 22:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 08:00 - 2015-08-26 22:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 08:00 - 2015-08-26 22:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 08:00 - 2015-08-26 22:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive(3143).dll
2015-09-09 08:00 - 2015-08-26 22:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 08:00 - 2015-08-26 22:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 08:00 - 2015-08-26 22:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 08:00 - 2015-08-26 22:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 08:00 - 2015-08-26 22:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 08:00 - 2015-08-26 22:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon(3149).exe
2015-09-09 08:00 - 2015-08-26 22:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-09 08:00 - 2015-08-26 22:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 08:00 - 2015-08-26 22:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct(3053).dll
2015-09-09 08:00 - 2015-08-26 22:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 08:00 - 2015-08-26 22:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 08:00 - 2015-08-26 22:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 08:00 - 2015-08-26 22:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 08:00 - 2015-08-26 22:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 08:00 - 2015-08-26 22:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 08:00 - 2015-08-26 22:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-09 08:00 - 2015-08-26 22:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 08:00 - 2015-08-26 22:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 08:00 - 2015-08-26 22:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-09 03:23 - 2015-09-09 03:23 - 00023152 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgboota.sys
2015-09-07 08:22 - 2015-09-07 08:22 - 00016150 _____ C:\Users\Tom\Downloads\september 1.odt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-06 17:46 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-06 17:44 - 2015-07-10 05:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-06 17:40 - 2015-07-07 16:29 - 00000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2395183170-2378603555-2842505502-1000UA.job
2015-10-06 17:30 - 2012-11-17 10:16 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-06 17:29 - 2015-08-11 19:37 - 00000000 ____D C:\Users\Tom\OneDrive
2015-10-06 17:29 - 2014-01-30 20:46 - 00000000 ___RD C:\Users\Tom\Google Drive
2015-10-06 17:29 - 2012-04-05 03:19 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-06 17:23 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-06 16:55 - 2012-04-05 03:19 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-06 16:05 - 2012-11-17 10:25 - 00000000 ____D C:\ProgramData\MFAData
2015-10-06 13:49 - 2013-11-11 09:57 - 00004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8A1DC5D4-3385-455E-808A-DC4EC55203EB}
2015-10-06 10:37 - 2013-01-04 08:00 - 02052096 ___SH C:\Users\Tom\Desktop\Thumbs.db
2015-10-06 08:33 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-10-06 08:33 - 2012-10-30 14:37 - 00001890 ___SH C:\ProgramData\KGyGaAvL.sys
2015-10-06 00:39 - 2015-07-07 16:29 - 00000872 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2395183170-2378603555-2842505502-1000Core.job
2015-10-05 18:22 - 2014-06-18 00:38 - 00007606 _____ C:\Users\Tom\AppData\Local\resmon.resmoncfg
2015-10-05 16:57 - 2015-08-11 19:13 - 00881010 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-05 16:50 - 2015-07-10 05:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-05 16:49 - 2015-07-10 02:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-10-05 16:45 - 2015-08-16 11:17 - 00000000 ____D C:\ProgramData\AVG2015
2015-10-05 16:45 - 2015-07-22 08:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-10-05 16:45 - 2012-11-17 10:28 - 00000000 ___HD C:\$AVG
2015-10-05 16:44 - 2015-07-10 04:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-10-05 16:43 - 2012-11-17 10:28 - 00000000 ____D C:\Program Files (x86)\AVG
2015-10-05 16:16 - 2015-08-11 18:52 - 00000000 ____D C:\Users\Tom
2015-10-05 07:22 - 2012-03-01 23:19 - 00000000 ____D C:\Users\Tom\Documents\Kitty
2015-10-05 07:06 - 2012-11-01 16:56 - 00000000 ____D C:\Users\Tom\Documents\VCheck
2015-10-02 15:42 - 2012-10-28 10:37 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Dropbox
2015-10-02 08:30 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-02 07:31 - 2015-08-11 18:37 - 00068624 _____ C:\WINDOWS\PFRO.log
2015-10-01 15:52 - 2015-07-10 03:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-01 14:51 - 2013-06-13 08:26 - 00000000 ____D C:\Users\Tom\Desktop\Stuff to Sell
2015-10-01 14:46 - 2012-10-28 08:29 - 00116616 _____ C:\Users\Tom\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-01 05:03 - 2015-07-10 02:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-30 15:07 - 2013-01-09 08:04 - 16155648 ___SH C:\Users\Tom\Downloads\Thumbs.db
2015-09-30 02:04 - 2015-03-09 16:37 - 00002096 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2015-09-30 01:29 - 2015-07-10 05:20 - 00416304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-30 01:26 - 2015-08-11 20:13 - 00002380 _____ C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-30 01:25 - 2014-01-30 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-09-29 16:37 - 2015-07-10 05:20 - 00026646 _____ C:\WINDOWS\setupact.log
2015-09-29 16:36 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-09-29 16:13 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-09-29 16:13 - 2015-07-10 02:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-09-29 16:13 - 2013-06-25 21:38 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Garmin
2015-09-29 16:12 - 2014-02-01 10:58 - 00000000 ____D C:\Program Files (x86)\Quicken
2015-09-29 16:12 - 2014-01-10 14:38 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-09-29 16:12 - 2013-11-12 10:43 - 00000000 ____D C:\ProgramData\opencpn
2015-09-29 16:12 - 2012-04-05 03:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-29 16:04 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\registration
2015-09-29 16:00 - 2012-10-30 17:20 - 00000000 ____D C:\Users\Tom\Documents\Canon
2015-09-29 16:00 - 2012-10-28 13:38 - 00000000 ____D C:\Users\Tom\AppData\Local\Packages
2015-09-29 16:00 - 2010-07-20 19:34 - 00000000 ____D C:\Users\Tom\Documents\Business
2015-09-29 16:00 - 2010-07-20 19:31 - 00000000 ____D C:\Users\Tom\Documents\Boat
2015-09-29 15:59 - 2015-09-05 01:38 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-09-29 15:59 - 2015-08-27 15:16 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-09-29 15:59 - 2015-08-11 19:22 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-09-29 15:59 - 2015-08-11 19:22 - 00000000 ____D C:\Program Files\MSBuild
2015-09-29 15:59 - 2015-08-11 19:22 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-09-29 15:59 - 2015-08-11 19:22 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-09-29 15:59 - 2015-08-11 19:03 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-09-29 15:59 - 2015-08-11 19:03 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-09-29 15:59 - 2015-08-11 18:55 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-09-29 15:59 - 2015-08-11 18:46 - 00000000 ____D C:\Program Files\Realtek
2015-09-29 15:59 - 2015-07-10 06:14 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ___SD C:\Program Files\WindowsPowerShell
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ___SD C:\Program Files (x86)\WindowsPowerShell
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Windows NT
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Windows Defender
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Common Files\System
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files (x86)\Windows NT
2015-09-29 15:59 - 2015-07-10 02:05 - 00000000 __RHD C:\Users\Default
2015-09-29 15:59 - 2015-07-07 16:29 - 00000000 ____D C:\Users\Tom\AppData\Local\Dropbox
2015-09-29 15:59 - 2015-07-07 15:55 - 00000000 ____D C:\ProgramData\Apple Computer
2015-09-29 15:59 - 2015-07-07 15:55 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-09-29 15:59 - 2015-02-04 09:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenCPN
2015-09-29 15:59 - 2015-02-03 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-09-29 15:59 - 2014-12-22 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oso Software
2015-09-29 15:59 - 2014-10-07 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon
2015-09-29 15:59 - 2014-01-30 08:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-09-29 15:59 - 2014-01-19 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Caminova
2015-09-29 15:59 - 2013-11-12 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ford Motor Company
2015-09-29 15:59 - 2013-07-13 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-09-29 15:59 - 2013-07-03 06:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-09-29 15:59 - 2013-02-19 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2015-09-29 15:59 - 2013-02-19 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-09-29 15:59 - 2012-11-01 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-09-29 15:59 - 2012-10-30 14:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office X5
2015-09-29 15:59 - 2012-10-28 10:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Better Homes and Gardens
2015-09-29 15:59 - 2011-11-08 00:14 - 00000000 ____D C:\Program Files (x86)\Toshiba
2015-09-29 15:59 - 2011-11-08 00:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2015-09-29 14:49 - 2015-08-16 11:15 - 00000000 ____D C:\Users\Tom\AppData\Local\Avg2015
2015-09-21 20:52 - 2013-11-02 11:52 - 00000000 ____D C:\Users\Tom\Desktop\Boat Docs
2015-09-17 09:00 - 2012-10-28 09:08 - 00000000 ____D C:\Users\Tom\Documents\Quicken
2015-09-16 21:30 - 2015-07-10 02:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI(2834)
2015-09-15 15:44 - 2012-11-05 00:01 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Foxit Software
2015-09-15 09:45 - 2014-12-22 15:35 - 00011014 _____ C:\Users\Tom\Desktop\Boat work list.xlsx
2015-09-14 18:10 - 2014-12-28 16:52 - 00000020 ____H C:\ProgramData\PKP_DLet.DAT
2015-09-14 17:53 - 2013-08-25 07:37 - 00000000 ____D C:\Users\Tom\Desktop\Lincoln Pics
2015-09-14 16:15 - 2013-11-02 10:19 - 00000000 ____D C:\Users\Tom\Desktop\Navigation
2015-09-14 12:49 - 2012-04-05 03:19 - 00003978 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-14 12:49 - 2012-04-05 03:19 - 00003746 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-14 09:27 - 2015-08-11 19:30 - 00000000 ____D C:\Windows.old
2015-09-11 15:59 - 2013-11-25 02:48 - 00312752 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys
2015-09-11 07:08 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-09-09 12:53 - 2012-10-28 08:59 - 00000000 ____D C:\Users\Tom\AppData\Local\Google
2015-09-09 08:15 - 2012-11-01 16:59 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-09 08:13 - 2013-08-14 13:10 - 00000000 ____D C:\WINDOWS\system32\MRT

==================== Files in the root of some directories =======

2013-03-28 21:22 - 2013-03-28 21:22 - 0038465 _____ () C:\Users\Tom\AppData\Roaming\Comma Separated Values (DOS).ADR
2014-12-28 16:52 - 2014-12-28 16:52 - 0000268 ___RH () C:\Users\Tom\AppData\Roaming\System Image Utility
2014-12-28 16:52 - 2014-12-28 16:52 - 0000268 ___RH () C:\Users\Tom\AppData\Roaming\SystemConfiguration
2014-12-28 16:52 - 2014-12-28 16:52 - 0000268 ___RH () C:\Users\Tom\AppData\Roaming\Tables
2014-12-28 16:50 - 2014-12-28 16:50 - 0000268 ___RH () C:\Users\Tom\AppData\Roaming\Techno Kit
2014-12-28 16:50 - 2014-12-28 16:50 - 0000268 ___RH () C:\Users\Tom\AppData\Roaming\Trumpet Section
2014-06-18 00:38 - 2015-10-05 18:22 - 0007606 _____ () C:\Users\Tom\AppData\Local\resmon.resmoncfg
2015-02-03 20:43 - 2015-02-03 20:43 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-10-30 14:37 - 2015-10-06 08:33 - 0001890 ___SH () C:\ProgramData\KGyGaAvL.sys
2014-12-28 16:50 - 2014-12-28 16:50 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2014-12-28 16:52 - 2014-12-28 16:52 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-12-28 16:52 - 2015-09-14 18:10 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-12-28 16:50 - 2014-12-28 16:58 - 0000020 ____H () C:\ProgramData\PKP_DLeu.DAT
2014-12-28 16:52 - 2014-12-28 16:52 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-12-28 16:52 - 2014-12-28 16:52 - 0000268 ___RH () C:\ProgramData\Textures
2014-12-28 16:52 - 2014-12-28 16:52 - 0000268 ___RH () C:\ProgramData\Themes
2014-12-28 16:50 - 2014-12-28 16:50 - 0000268 ___RH () C:\ProgramData\Track Settings
2014-12-28 16:50 - 2014-12-28 16:52 - 0000012 ___RH () C:\ProgramData\User Pictures
2014-12-28 16:52 - 2014-12-28 16:52 - 0000012 ___RH () C:\ProgramData\Vocal Transformer
2014-12-28 16:52 - 2014-12-28 16:52 - 0000012 ___RH () C:\ProgramData\WebServer
2014-12-28 16:50 - 2014-12-28 16:50 - 0000012 ___RH () C:\ProgramData\Woodwind
2012-04-05 03:15 - 2012-04-05 03:16 - 0000108 _____ () C:\ProgramData\{2637C347-9DAD-11D6-9EA2-00055D0CA761}.log

Some files in TEMP:
====================
C:\Users\Tom\AppData\Local\Temp\Checkupdate.exe
C:\Users\Tom\AppData\Local\Temp\Execute2App.exe
C:\Users\Tom\AppData\Local\Temp\FDC7.exe
C:\Users\Tom\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Tom\AppData\Local\Temp\Foxit Updater.exe
C:\Users\Tom\AppData\Local\Temp\gcapi_dll.dll
C:\Users\Tom\AppData\Local\Temp\gtapi_signed.dll
C:\Users\Tom\AppData\Local\Temp\HPPSdr.exe
C:\Users\Tom\AppData\Local\Temp\msvcp90.dll
C:\Users\Tom\AppData\Local\Temp\msvcr90.dll
C:\Users\Tom\AppData\Local\Temp\yef0g7eq.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-01 01:40

==================== End of FRST.txt ============================
yotboss
Active Member
 
Posts: 7
Joined: September 30th, 2015, 1:34 am
Top

Re: Sudden blank screen and sporadic slowdown - yikes!

Unread postby yotboss » October 6th, 2015, 8:55 pm

Thanks so much for your help; Here's what I got:




Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
Ran by Tom (administrator) on TOM-PC (06-10-2015 17:47:52)
Running from C:\Users\Tom\Desktop
Loaded Profiles: Tom (Available Profiles: Tom)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TosTogKeyMon.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TRCMan\TRCMan.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 6830\Bin\ScanToPCActivationApp.exe
(Ruiware) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
(Darfon Electronics Corp.) C:\Windows\AIOKBApp.exe
(Darfon Electronics Corp.) C:\Windows\TiltMouseAPP.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(PC Tools) C:\Program Files (x86)\ThreatFire\TFTray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Xmarks.com) C:\Program Files (x86)\Xmarks\IE Extension\xmarkssync.exe
(Intuit Inc.) C:\Program Files (x86)\Quicken\bagent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPNetworkCommunicatorCom.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [981888 2011-08-03] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1544624 2011-06-29] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597936 2011-07-27] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38824 2011-06-28] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-06-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosTogKeyMon] => C:\Program Files\TOSHIBA\FlashCards\TosTogKeyMon.exe [2409856 2011-07-26] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [590256 2011-05-17] (TOSHIBA Corporation)
HKLM\...\Run: [TRCMan] => C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [718720 2011-08-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [AIOKBApp] => C:\windows\AIOKBApp.exe [114176 2010-06-28] (Darfon Electronics Corp.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe [3218864 2011-06-22] (Toshiba)
HKLM-x32\...\Run: [TiltMouse] => C:\windows\TiltMouseAPP.exe [119296 2011-09-08] (Darfon Electronics Corp.)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-04] (TOSHIBA)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickFinder Scheduler] => c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\QFSCHD150.EXE [136600 2010-10-26] (Corel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3812264 2015-09-30] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ThreatFire] => C:\Program Files (x86)\ThreatFire\TFTray.exe [378128 2011-02-22] (PC Tools)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2557976 2014-04-27] ()
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1125800 2015-09-22] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [9919C2326C0CBD6C8225179850E066432A2C85FF._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-23] (Google Inc.)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1015104 2015-07-27] (Samsung)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-04-05] (Google Inc.)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22568208 2015-09-11] (Google)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [GoogleChromeAutoLaunch_F6A43803F41C0EE8AA9068339E55A010] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-23] (Google Inc.)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [HP Officejet Pro 6830 (NET)] => C:\Program Files\HP\HP Officejet Pro 6830\Bin\ScanToPCActivationApp.exe [3493952 2014-07-18] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [HP Officejet Pro 6830 (NET) #2] => C:\Program Files\HP\HP Officejet Pro 6830\Bin\ScanToPCActivationApp.exe [3493952 2014-07-18] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1216648 2015-08-05] (Ruiware)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [805888 2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-09-11] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-09-11] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-09-11] (Google)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Tom\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\amd64\FileSyncShell64.dll [2015-09-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Tom\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\amd64\FileSyncShell64.dll [2015-09-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Tom\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\amd64\FileSyncShell64.dll [2015-09-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Tom\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\FileSyncShell.dll [2015-09-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Tom\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\FileSyncShell.dll [2015-09-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Tom\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\FileSyncShell.dll [2015-09-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-01-10]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2012-11-01]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{63ee65b5-b63c-4916-97f4-68af95ba7f95}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{b0777f1f-9d32-4427-9e6e-bd645a97df6e}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{C5CD7E69-03EC-4F15-860A-BBD3B229D560}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.emachines.com/rdr.aspx? ... 5r48m1s240
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx? ... 5r48m1s240
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx? ... 5r48m1s240
URLSearchHook: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
SearchScopes: HKLM -> {34814D24-72D1-418B-B5CD-19F1645B9532} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ie ... =1&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 -> {34814D24-72D1-418B-B5CD-19F1645B9532} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ie ... =1&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=^F3&apn_dtid=^YYYYYY^YY^US&apn_uid=f4b9198a-4b01-4057-a21f-21be3ac8b263&apn_sauid=890AB66F-691B-48AB-9A11-AAAB7E1F67A7
SearchScopes: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> {3F86C6E8-0F86-4ED2-88D2-059A2AE805FB} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> {406DF028-D48F-482A-8F44-1FE7882A8B9E} URL = hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=^F3&apn_dtid=^YYYYYY^YY^US&apn_uid=f4b9198a-4b01-4057-a21f-21be3ac8b263&apn_sauid=890AB66F-691B-48AB-9A11-AAAB7E1F67A7
SearchScopes: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> {44B9AC37-4AC8-4910-BB0D-F980BFE3D499} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP_enUS507
SearchScopes: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW_enUS389US389
SearchScopes: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ie ... =1&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> {A5780388-3FF6-458E-8AB7-1EE4206A3A55} URL = hxxp://searchou.com/?q={searchTerms}&id=d02bbf4f000000000000aeb70de4ce68&r=109
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-15] (Oracle Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2012-10-28] ()
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-15] (Oracle Corporation)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2011-07-12] (<TOSHIBA>)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-16] (Oracle Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2012-10-28] ()
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-21] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-16] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2011-07-12] (<TOSHIBA>)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2012-10-28] ()
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.0.444\AVG SafeGuard toolbar_toolbar.dll [2014-04-27] (AVG Secure Search)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21] (Google Inc.)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2012-10-28] ()
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.0.444\AVG SafeGuard toolbar_toolbar.dll [2014-04-27] (AVG Secure Search)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-21] (Google Inc.)
Toolbar: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21] (Google Inc.)
IE Session Restore: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> is enabled.
Handler-x32: g7ps - {9EACF0FB-4FC7-436E-989B-3197142AD979} - C:\Program Files (x86)\Common Files\G7PS\Shared Files\G7PSDLL\G7PS.dll [2001-11-05] (G7 Productivity Systems, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll [2014-04-27] (AVG Secure Search)

Edge:
======
Edge Session Restore: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> is enabled.

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-29] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-15] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [2015-07-28] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-29] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dll [No File]
FF Plugin-x32: @caminova.com/DjVuPlugin -> C:\Program Files (x86)\Caminova\Document Express DjVu Plug-in\npdjvu.dll [2013-06-03] (Caminova, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2012-11-02] (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-16] (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll [2012-09-28] (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [2015-07-28] ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-05] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2395183170-2378603555-2842505502-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2013-08-22] (Sony Network Entertainment International LLC)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-11-02]

Chrome:
=======
CHR HomePage: Default -> hxxp://my.yahoo.com/
CHR StartupUrls: Default -> "hxxp://mysearch.avg.com/?cid={7872D6F4-BC39-4299-AF57-07ED3B1772A8}&mid=169d1e3c66e647d09dcad16f2aeb880f-488af55708896336d8bd075caae1a0c5be5e601b&lang=en&ds=AVG&pr=fr&d=2013-01-22 21:18:59&v=14.0.0.14&pid=safeguard&sg=1&sap=hp","hxxp://searchou.com/?id=d02bbf4f000000000000aeb70de4ce68","hxxp://mysearch.avg.com/?cid={7872D6F4-BC39-4299-AF57-07ED3B1772A8}&mid=169d1e3c66e647d09dcad16f2aeb880f-488af55708896336d8bd075caae1a0c5be5e601b&lang=en&ds=AVG&pr=fr&d=2013-08-26 21:27:07&v=15.6.1.2&pid=safeguard&sg=0&sap=hp","hxxp://mysearch.avg.com?cid={7872D6F4-BC39-4299-AF57-07ED3B1772A8}&mid=169d1e3c66e647d09dcad16f2aeb880f-488af55708896336d8bd075caae1a0c5be5e601b&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2013-11-04 18:26:15&v=17.0.1.12&pid=safeguard&sg=0&sap=hp"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.3\\npsitesafety.dll (AVG Technologies)
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Harmony Firefox Plugin) - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll => No File
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement Web App) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-09-06]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-09-01]
CHR Extension: (Google Docs) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-01]
CHR Extension: (Google Drive) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-01]
CHR Extension: (Bookmark Sentry (scanner)) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdglbbcbmgnimogcmcdenggkpdmihlga [2014-11-24]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-12-02]
CHR Extension: (YouTube) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-01]
CHR Extension: (Google Search) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-01]
CHR Extension: (High Contrast) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2014-09-06]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-09-06]
CHR Extension: (Google Docs Offline) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-14]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2012-10-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Skype Click to Call) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-10-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-08]
CHR Extension: (Poppit!) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-09-06]
CHR Extension: (AVG SafeGuard) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-04-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2013-07-14]
CHR Extension: (Gmail) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-01]
CHR HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - C:\Program Files (x86)\LastPass\lpchrome.crx [2012-10-28]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\18.1.0.444\avg.crx [2014-04-27]
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-07-13]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-11-01] (Adobe Systems) [File not signed]
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604712 2015-09-30] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3792880 2015-09-30] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1042344 2015-09-22] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [596344 2015-09-30] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 FoxitCloudUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [244392 2015-09-09] (Foxit Software Inc.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2375168 2011-05-30] (Realsil Microelectronics Inc.) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [126392 2011-07-19] (Symantec Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-20] (DEVGURU Co., LTD.)
R2 vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [1801240 2014-04-27] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 RtkAudioService; "C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [23152 2015-09-09] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [197040 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312752 2015-09-11] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [293296 2015-08-10] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [251312 2015-08-10] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50464 2014-04-27] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [314800 2015-08-31] (AVG Technologies CZ, s.r.o.)
R3 CXPOLARIS; C:\Windows\system32\drivers\cxRDU253S.sys [558112 2015-05-21] (Conexant Systems, Inc.)
R3 DFKBfilter; C:\Windows\system32\drivers\DFKBfilter.sys [24712 2010-06-24] (Darfon Electronics Corp.)
R3 DFMousefilter; C:\Windows\system32\drivers\DFMousefilter.sys [24200 2010-06-24] (Darfon Electronics Corp.)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-05-13] (LogMeIn Inc.)
R3 i8042HDR; C:\Windows\system32\DRIVERS\i8042HDR.sys [15920 2009-08-14] (Windows (R) Codename Longhorn DDK provider)
R3 nuviocir; C:\Windows\system32\DRIVERS\nuviocir_x64.sys [39704 2013-07-15] (Nuvoton Technology Corp.)
R3 NWVoltron; C:\Windows\System32\drivers\NWVoltron.sys [28920 2015-08-11] ()
R0 TfSysMon; C:\Windows\System32\drivers\TfSysMon.sys [74824 2011-02-22] (PC Tools)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [45728 2015-10-02] (Toshiba Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-06 17:47 - 2015-10-06 17:48 - 00044170 _____ C:\Users\Tom\Desktop\FRST.txt
2015-10-06 17:47 - 2015-10-06 17:47 - 00000000 ____D C:\Users\Tom\Desktop\FRST-OlderVersion
2015-10-06 17:29 - 2015-10-06 17:29 - 00016148 _____ C:\WINDOWS\system32\TOM-PC_Tom_HistoryPrediction.bin
2015-10-06 17:29 - 2015-10-06 17:29 - 00000000 ___HD C:\OneDriveTemp
2015-10-06 09:51 - 2015-10-06 09:51 - 00017935 _____ C:\Users\Tom\Downloads\september 29.odt
2015-10-05 16:45 - 2015-10-05 16:45 - 00000000 ____D C:\Users\Tom\AppData\Roaming\AVG
2015-10-05 16:42 - 2015-10-05 16:42 - 00000948 _____ C:\Users\Public\Desktop\AVG.lnk
2015-10-05 16:42 - 2015-10-05 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2015-10-05 16:41 - 2015-10-05 16:43 - 00000000 ____D C:\ProgramData\Avg
2015-10-05 16:41 - 2015-10-05 16:42 - 00000000 ____D C:\Users\Tom\AppData\Local\AvgSetupLog
2015-10-02 15:42 - 2015-10-02 15:42 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-02 08:03 - 2015-10-02 08:03 - 00045728 _____ (Toshiba Corporation) C:\WINDOWS\system32\Drivers\Thotkey.sys
2015-10-02 08:02 - 2015-10-02 08:02 - 00045184 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\Drivers\TVALZ_O.SYS
2015-10-02 07:41 - 2015-09-15 09:12 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-02 07:41 - 2015-09-15 09:12 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-01 15:06 - 2015-10-01 15:06 - 00059392 _____ C:\Users\Tom\Downloads\Invoice Wurfl Construction DelMarStairGuardRailDeposit.xls
2015-09-30 17:59 - 2015-09-24 17:13 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-09-30 17:59 - 2015-09-24 16:24 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-09-30 17:59 - 2015-09-24 16:17 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-09-30 17:59 - 2015-09-24 16:08 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-30 17:59 - 2015-09-24 16:06 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-09-30 17:59 - 2015-09-24 16:01 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-09-30 17:59 - 2015-09-24 16:00 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-09-30 17:59 - 2015-09-24 15:42 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-09-30 17:59 - 2015-09-24 15:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-09-30 17:59 - 2015-09-24 15:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-09-30 17:59 - 2015-09-16 23:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-09-30 17:59 - 2015-09-16 23:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-09-30 17:59 - 2015-09-16 23:49 - 08020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-09-30 17:59 - 2015-09-16 23:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-09-30 17:59 - 2015-09-16 23:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-09-30 17:59 - 2015-09-16 23:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-09-30 17:59 - 2015-09-16 23:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-09-30 17:59 - 2015-09-16 23:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-09-30 17:59 - 2015-09-16 23:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-09-30 17:59 - 2015-09-16 23:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-09-30 17:59 - 2015-09-16 23:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-09-30 17:59 - 2015-09-16 23:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-09-30 17:59 - 2015-09-16 23:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-09-30 17:59 - 2015-09-16 23:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-09-30 17:59 - 2015-09-16 23:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-09-30 17:59 - 2015-09-16 23:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-09-30 17:59 - 2015-09-16 23:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-09-30 17:59 - 2015-09-16 23:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-09-30 17:59 - 2015-09-16 23:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-09-30 17:59 - 2015-09-16 23:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-09-30 17:59 - 2015-09-16 23:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-09-30 17:59 - 2015-09-16 23:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-09-30 17:59 - 2015-09-16 23:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-09-30 17:59 - 2015-09-16 23:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-09-30 17:59 - 2015-09-16 23:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-09-30 17:59 - 2015-09-16 23:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-09-30 17:59 - 2015-09-16 23:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-09-30 17:59 - 2015-09-16 23:12 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-30 17:59 - 2015-09-16 23:07 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-30 17:59 - 2015-09-16 23:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-09-30 17:59 - 2015-09-16 23:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-09-30 17:59 - 2015-09-16 23:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-09-30 17:59 - 2015-09-16 23:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-09-30 17:59 - 2015-09-16 23:00 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-30 17:59 - 2015-09-16 23:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-09-30 17:59 - 2015-09-16 23:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-30 17:59 - 2015-09-16 22:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-09-30 17:59 - 2015-09-16 22:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-09-30 17:59 - 2015-09-16 22:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-09-30 17:59 - 2015-09-16 22:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-09-30 17:59 - 2015-09-16 22:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-09-30 17:59 - 2015-09-16 22:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-30 17:59 - 2015-09-16 22:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-09-30 17:59 - 2015-09-16 22:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-09-30 17:59 - 2015-09-16 22:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-09-30 17:59 - 2015-09-16 22:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-09-30 17:59 - 2015-09-16 22:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-09-30 17:59 - 2015-09-16 22:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-09-30 17:59 - 2015-09-16 22:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-09-30 17:59 - 2015-09-16 22:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-09-30 17:59 - 2015-09-16 22:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-09-30 17:59 - 2015-09-16 22:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-09-30 17:59 - 2015-09-16 22:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-09-30 17:59 - 2015-09-16 22:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-09-30 17:59 - 2015-09-16 22:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-30 17:59 - 2015-09-16 22:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-09-30 17:59 - 2015-09-16 22:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-09-30 17:59 - 2015-09-16 22:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-09-30 17:59 - 2015-09-16 22:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-09-30 17:59 - 2015-09-16 22:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-09-30 17:59 - 2015-09-16 22:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-09-30 17:59 - 2015-09-16 22:47 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-09-30 17:59 - 2015-09-16 22:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-09-30 17:59 - 2015-09-16 22:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-30 17:59 - 2015-09-16 22:45 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-30 17:59 - 2015-09-16 22:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-09-30 17:59 - 2015-09-16 22:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-09-30 17:59 - 2015-09-16 22:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-09-30 17:59 - 2015-09-16 22:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-09-30 17:59 - 2015-09-16 22:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-09-30 17:59 - 2015-09-16 22:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-09-30 17:59 - 2015-09-16 22:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-09-30 17:59 - 2015-09-16 22:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-09-30 17:59 - 2015-09-16 22:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-09-30 17:59 - 2015-09-16 22:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-09-30 17:59 - 2015-09-16 22:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-09-30 17:59 - 2015-09-16 22:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-09-30 17:59 - 2015-09-16 22:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-09-30 17:59 - 2015-09-16 22:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-30 17:59 - 2015-09-16 22:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-09-30 17:59 - 2015-09-16 22:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-09-30 17:59 - 2015-09-16 22:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-30 17:59 - 2015-09-16 22:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-09-30 17:59 - 2015-09-16 22:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-09-30 17:59 - 2015-09-16 22:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-09-30 17:59 - 2015-09-16 22:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-30 17:59 - 2015-09-16 22:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-09-30 17:59 - 2015-09-16 22:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-09-30 17:59 - 2015-09-16 22:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-09-30 17:59 - 2015-09-16 22:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-09-30 17:59 - 2015-09-16 22:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-09-30 17:59 - 2015-09-16 22:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-09-30 17:59 - 2015-09-16 22:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-09-30 17:59 - 2015-09-16 22:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-09-30 17:59 - 2015-09-16 22:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-09-30 17:59 - 2015-09-12 19:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-09-30 17:59 - 2015-09-12 18:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-09-30 17:58 - 2015-09-24 16:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-09-30 17:58 - 2015-09-24 16:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-09-30 17:58 - 2015-09-24 16:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-09-30 17:58 - 2015-09-24 16:23 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-30 17:58 - 2015-09-24 16:07 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-30 17:58 - 2015-09-24 16:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-09-30 17:58 - 2015-09-24 16:01 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-09-30 17:58 - 2015-09-24 16:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-09-30 17:58 - 2015-09-24 16:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-09-30 17:58 - 2015-09-24 15:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-09-30 17:58 - 2015-09-24 15:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-09-30 17:58 - 2015-09-24 15:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-09-30 17:58 - 2015-09-24 15:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-09-30 17:58 - 2015-09-24 15:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-09-30 17:58 - 2015-09-24 15:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-09-30 17:58 - 2015-09-24 15:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-09-30 17:58 - 2015-09-18 22:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-09-30 17:58 - 2015-09-16 23:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-09-30 17:58 - 2015-09-16 23:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-09-30 17:58 - 2015-09-16 23:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-09-30 17:58 - 2015-09-16 23:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-09-30 17:58 - 2015-09-16 23:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-09-30 17:58 - 2015-09-16 23:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-09-30 17:58 - 2015-09-16 23:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-09-30 17:58 - 2015-09-16 23:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-09-30 17:58 - 2015-09-16 23:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-09-30 17:58 - 2015-09-16 23:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-09-30 17:58 - 2015-09-16 23:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-09-30 17:58 - 2015-09-16 23:39 - 00081488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-30 17:58 - 2015-09-16 23:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-09-30 17:58 - 2015-09-16 23:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-09-30 17:58 - 2015-09-16 23:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-09-30 17:58 - 2015-09-16 23:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-09-30 17:58 - 2015-09-16 23:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-09-30 17:58 - 2015-09-16 23:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-09-30 17:58 - 2015-09-16 23:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-09-30 17:58 - 2015-09-16 23:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-09-30 17:58 - 2015-09-16 23:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-09-30 17:58 - 2015-09-16 23:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-09-30 17:58 - 2015-09-16 23:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-09-30 17:58 - 2015-09-16 23:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-09-30 17:58 - 2015-09-16 23:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-09-30 17:58 - 2015-09-16 23:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-09-30 17:58 - 2015-09-16 23:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-09-30 17:58 - 2015-09-16 23:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-09-30 17:58 - 2015-09-16 23:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-09-30 17:58 - 2015-09-16 23:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-09-30 17:58 - 2015-09-16 22:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-09-30 17:58 - 2015-09-16 22:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-09-30 17:58 - 2015-09-16 22:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-09-30 17:58 - 2015-09-16 22:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-09-30 17:58 - 2015-09-16 22:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-09-30 17:58 - 2015-09-16 22:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-09-30 17:58 - 2015-09-16 22:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-09-30 17:58 - 2015-09-16 22:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-09-30 17:58 - 2015-09-16 22:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-09-30 17:58 - 2015-09-16 22:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-09-30 17:58 - 2015-09-16 22:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-09-30 17:58 - 2015-09-16 22:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-09-30 17:58 - 2015-09-16 22:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-09-30 17:58 - 2015-09-16 22:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-09-30 17:58 - 2015-09-16 22:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-09-30 17:58 - 2015-09-16 22:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-09-30 17:58 - 2015-09-16 22:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-09-30 17:58 - 2015-09-16 22:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-09-30 17:58 - 2015-09-16 22:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-09-30 17:58 - 2015-09-16 22:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-09-30 17:58 - 2015-09-16 22:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-09-30 17:58 - 2015-09-16 22:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-09-30 17:58 - 2015-09-16 22:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-09-30 17:58 - 2015-09-16 22:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-09-30 17:58 - 2015-09-16 22:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-09-30 17:58 - 2015-09-16 22:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-09-30 17:58 - 2015-09-16 22:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-09-30 17:58 - 2015-09-16 22:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-09-30 17:58 - 2015-09-16 22:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-09-30 17:58 - 2015-09-16 22:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-09-30 17:58 - 2015-09-16 22:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-09-30 17:58 - 2015-09-16 22:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-09-30 17:58 - 2015-09-16 22:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-09-30 17:58 - 2015-09-16 22:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-09-30 17:58 - 2015-09-16 22:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-09-30 17:58 - 2015-09-16 22:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-09-30 17:58 - 2015-09-16 22:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-09-30 17:58 - 2015-09-16 22:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-09-30 17:58 - 2015-09-16 22:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-09-30 17:58 - 2015-09-16 22:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-09-30 17:58 - 2015-09-16 22:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-09-30 17:58 - 2015-09-16 22:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-09-30 17:58 - 2015-09-16 22:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-09-30 17:58 - 2015-09-16 22:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-09-30 17:57 - 2015-09-16 22:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-09-30 17:56 - 2015-09-24 17:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-09-30 17:56 - 2015-09-24 17:34 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-09-30 17:56 - 2015-09-24 16:00 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-09-30 17:56 - 2015-09-24 15:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-09-30 17:56 - 2015-09-16 23:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-09-30 17:56 - 2015-09-16 23:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-09-30 17:56 - 2015-09-16 23:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-09-30 17:56 - 2015-09-16 23:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-09-30 17:56 - 2015-09-16 23:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-09-30 17:56 - 2015-09-16 23:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-09-30 17:56 - 2015-09-16 23:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-09-30 17:56 - 2015-09-16 22:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-09-30 17:56 - 2015-09-16 22:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-09-30 17:56 - 2015-09-16 22:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-30 17:56 - 2015-09-16 22:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-09-30 17:56 - 2015-09-16 22:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-09-30 17:56 - 2015-09-16 22:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-09-30 17:56 - 2015-09-16 22:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-09-30 17:56 - 2015-09-16 22:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-09-30 17:56 - 2015-09-16 22:49 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-09-30 17:56 - 2015-09-16 22:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-09-30 17:56 - 2015-09-16 22:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-09-30 17:56 - 2015-09-16 22:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-09-30 17:56 - 2015-09-16 22:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-30 17:56 - 2015-09-16 22:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-09-30 17:56 - 2015-09-16 22:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-09-30 17:56 - 2015-09-16 22:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-09-30 13:40 - 2015-09-30 13:40 - 00002347 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-30 13:39 - 2015-09-30 13:40 - 00929872 _____ (Google Inc.) C:\Users\Tom\Downloads\ChromeSetup.exe
2015-09-30 01:27 - 2015-09-30 01:27 - 00000000 ____D C:\Users\Tom\AppData\Roaming\OpenOffice
2015-09-30 01:26 - 2015-09-30 01:26 - 07846992 _____ (Microsoft Corporation) C:\Users\Tom\Downloads\OneDriveSetup.exe
2015-09-30 01:25 - 2015-09-30 01:25 - 00001128 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-09-30 01:25 - 2015-09-30 01:25 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-09-30 01:24 - 2015-09-30 01:25 - 00929872 _____ (Google Inc.) C:\Users\Tom\Downloads\googledrivesync (2).exe
2015-09-30 01:24 - 2015-09-30 01:24 - 00000000 ____D C:\Users\Tom\Desktop\OpenOffice 4.1.1 (en-US) Installation Files
2015-09-30 01:24 - 2015-09-30 01:24 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2015-09-30 01:20 - 2015-09-30 01:23 - 140852175 _____ C:\Users\Tom\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe
2015-09-30 00:36 - 2015-09-30 00:43 - 00000000 ____D C:\Users\Tom\AppData\Roaming\WinPatrol
2015-09-30 00:36 - 2015-09-30 00:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2015-09-30 00:36 - 2015-09-30 00:36 - 00000000 ____D C:\ProgramData\InstallMate
2015-09-30 00:36 - 2015-09-30 00:36 - 00000000 ____D C:\Program Files (x86)\Ruiware
2015-09-30 00:35 - 2015-09-30 00:35 - 01292424 _____ (Ruiware) C:\Users\Tom\Downloads\wpsetup.exe
2015-09-29 23:01 - 2015-09-29 23:01 - 00204496 _____ (Malwarebytes) C:\Users\Tom\Downloads\startuplite-setup-1.07.exe
2015-09-29 22:27 - 2015-10-06 17:47 - 00000000 ____D C:\FRST
2015-09-29 22:24 - 2015-10-06 17:47 - 02193920 _____ (Farbar) C:\Users\Tom\Desktop\FRST64.exe
2015-09-29 22:22 - 2015-09-29 22:22 - 00688992 ____R (Swearware) C:\Users\Tom\Downloads\dds.scr
2015-09-29 16:18 - 2015-09-29 16:18 - 00507832 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\Drivers\tos_sps64.sys
2015-09-29 15:53 - 2015-09-29 15:53 - 00000000 ____D C:\$SysReset
2015-09-29 02:08 - 2015-09-29 02:08 - 00000000 ____D C:\Users\Tom\AppData\Local\Foxit Reader
2015-09-28 07:18 - 2015-09-28 07:18 - 00015248 _____ C:\Users\Tom\Downloads\september 22.odt
2015-09-21 07:08 - 2015-09-21 07:08 - 00016324 _____ C:\Users\Tom\Downloads\september 8.odt
2015-09-16 09:57 - 2015-10-05 16:46 - 00000000 ____D C:\Users\Tom\AppData\Local\Avg
2015-09-15 15:43 - 2015-09-29 15:59 - 00000000 ____D C:\Users\Public\Foxit Software
2015-09-15 15:43 - 2015-09-15 15:43 - 00002233 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2015-09-15 15:43 - 2015-09-15 15:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-09-14 18:10 - 2015-09-14 18:11 - 00000000 ____D C:\Users\Tom\Desktop\Rose
2015-09-09 17:22 - 2015-09-14 07:50 - 00001166 _____ C:\Users\Tom\Downloads\debug.log
2015-09-09 08:00 - 2015-08-26 23:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 08:00 - 2015-08-26 23:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil(2923).dll
2015-09-09 08:00 - 2015-08-26 23:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-09 08:00 - 2015-08-26 22:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 08:00 - 2015-08-26 22:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-09 08:00 - 2015-08-26 22:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 08:00 - 2015-08-26 22:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 08:00 - 2015-08-26 22:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 08:00 - 2015-08-26 22:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive(3143).dll
2015-09-09 08:00 - 2015-08-26 22:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 08:00 - 2015-08-26 22:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 08:00 - 2015-08-26 22:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 08:00 - 2015-08-26 22:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 08:00 - 2015-08-26 22:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 08:00 - 2015-08-26 22:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon(3149).exe
2015-09-09 08:00 - 2015-08-26 22:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-09 08:00 - 2015-08-26 22:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 08:00 - 2015-08-26 22:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct(3053).dll
2015-09-09 08:00 - 2015-08-26 22:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 08:00 - 2015-08-26 22:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 08:00 - 2015-08-26 22:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 08:00 - 2015-08-26 22:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 08:00 - 2015-08-26 22:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 08:00 - 2015-08-26 22:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 08:00 - 2015-08-26 22:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-09 08:00 - 2015-08-26 22:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 08:00 - 2015-08-26 22:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 08:00 - 2015-08-26 22:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-09 03:23 - 2015-09-09 03:23 - 00023152 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgboota.sys
2015-09-07 08:22 - 2015-09-07 08:22 - 00016150 _____ C:\Users\Tom\Downloads\september 1.odt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-06 17:46 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-06 17:44 - 2015-07-10 05:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-06 17:40 - 2015-07-07 16:29 - 00000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2395183170-2378603555-2842505502-1000UA.job
2015-10-06 17:30 - 2012-11-17 10:16 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-06 17:29 - 2015-08-11 19:37 - 00000000 ____D C:\Users\Tom\OneDrive
2015-10-06 17:29 - 2014-01-30 20:46 - 00000000 ___RD C:\Users\Tom\Google Drive
2015-10-06 17:29 - 2012-04-05 03:19 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-06 17:23 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-06 16:55 - 2012-04-05 03:19 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-06 16:05 - 2012-11-17 10:25 - 00000000 ____D C:\ProgramData\MFAData
2015-10-06 13:49 - 2013-11-11 09:57 - 00004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8A1DC5D4-3385-455E-808A-DC4EC55203EB}
2015-10-06 10:37 - 2013-01-04 08:00 - 02052096 ___SH C:\Users\Tom\Desktop\Thumbs.db
2015-10-06 08:33 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-10-06 08:33 - 2012-10-30 14:37 - 00001890 ___SH C:\ProgramData\KGyGaAvL.sys
2015-10-06 00:39 - 2015-07-07 16:29 - 00000872 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2395183170-2378603555-2842505502-1000Core.job
2015-10-05 18:22 - 2014-06-18 00:38 - 00007606 _____ C:\Users\Tom\AppData\Local\resmon.resmoncfg
2015-10-05 16:57 - 2015-08-11 19:13 - 00881010 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-05 16:50 - 2015-07-10 05:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-05 16:49 - 2015-07-10 02:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-10-05 16:45 - 2015-08-16 11:17 - 00000000 ____D C:\ProgramData\AVG2015
2015-10-05 16:45 - 2015-07-22 08:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-10-05 16:45 - 2012-11-17 10:28 - 00000000 ___HD C:\$AVG
2015-10-05 16:44 - 2015-07-10 04:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-10-05 16:43 - 2012-11-17 10:28 - 00000000 ____D C:\Program Files (x86)\AVG
2015-10-05 16:16 - 2015-08-11 18:52 - 00000000 ____D C:\Users\Tom
2015-10-05 07:22 - 2012-03-01 23:19 - 00000000 ____D C:\Users\Tom\Documents\Kitty
2015-10-05 07:06 - 2012-11-01 16:56 - 00000000 ____D C:\Users\Tom\Documents\VCheck
2015-10-02 15:42 - 2012-10-28 10:37 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Dropbox
2015-10-02 08:30 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-02 07:31 - 2015-08-11 18:37 - 00068624 _____ C:\WINDOWS\PFRO.log
2015-10-01 15:52 - 2015-07-10 03:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-01 14:51 - 2013-06-13 08:26 - 00000000 ____D C:\Users\Tom\Desktop\Stuff to Sell
2015-10-01 14:46 - 2012-10-28 08:29 - 00116616 _____ C:\Users\Tom\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-01 05:03 - 2015-07-10 02:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-30 15:07 - 2013-01-09 08:04 - 16155648 ___SH C:\Users\Tom\Downloads\Thumbs.db
2015-09-30 02:04 - 2015-03-09 16:37 - 00002096 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2015-09-30 01:29 - 2015-07-10 05:20 - 00416304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-30 01:26 - 2015-08-11 20:13 - 00002380 _____ C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-30 01:25 - 2014-01-30 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-09-29 16:37 - 2015-07-10 05:20 - 00026646 _____ C:\WINDOWS\setupact.log
2015-09-29 16:36 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-09-29 16:13 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-09-29 16:13 - 2015-07-10 02:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-09-29 16:13 - 2013-06-25 21:38 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Garmin
2015-09-29 16:12 - 2014-02-01 10:58 - 00000000 ____D C:\Program Files (x86)\Quicken
2015-09-29 16:12 - 2014-01-10 14:38 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-09-29 16:12 - 2013-11-12 10:43 - 00000000 ____D C:\ProgramData\opencpn
2015-09-29 16:12 - 2012-04-05 03:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-29 16:04 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\registration
2015-09-29 16:00 - 2012-10-30 17:20 - 00000000 ____D C:\Users\Tom\Documents\Canon
2015-09-29 16:00 - 2012-10-28 13:38 - 00000000 ____D C:\Users\Tom\AppData\Local\Packages
2015-09-29 16:00 - 2010-07-20 19:34 - 00000000 ____D C:\Users\Tom\Documents\Business
2015-09-29 16:00 - 2010-07-20 19:31 - 00000000 ____D C:\Users\Tom\Documents\Boat
2015-09-29 15:59 - 2015-09-05 01:38 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-09-29 15:59 - 2015-08-27 15:16 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-09-29 15:59 - 2015-08-11 19:22 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-09-29 15:59 - 2015-08-11 19:22 - 00000000 ____D C:\Program Files\MSBuild
2015-09-29 15:59 - 2015-08-11 19:22 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-09-29 15:59 - 2015-08-11 19:22 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-09-29 15:59 - 2015-08-11 19:03 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-09-29 15:59 - 2015-08-11 19:03 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-09-29 15:59 - 2015-08-11 18:55 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-09-29 15:59 - 2015-08-11 18:46 - 00000000 ____D C:\Program Files\Realtek
2015-09-29 15:59 - 2015-07-10 06:14 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ___SD C:\Program Files\WindowsPowerShell
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ___SD C:\Program Files (x86)\WindowsPowerShell
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Windows NT
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Windows Defender
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Common Files\System
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files (x86)\Windows NT
2015-09-29 15:59 - 2015-07-10 02:05 - 00000000 __RHD C:\Users\Default
2015-09-29 15:59 - 2015-07-07 16:29 - 00000000 ____D C:\Users\Tom\AppData\Local\Dropbox
2015-09-29 15:59 - 2015-07-07 15:55 - 00000000 ____D C:\ProgramData\Apple Computer
2015-09-29 15:59 - 2015-07-07 15:55 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-09-29 15:59 - 2015-02-04 09:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenCPN
2015-09-29 15:59 - 2015-02-03 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-09-29 15:59 - 2014-12-22 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oso Software
2015-09-29 15:59 - 2014-10-07 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon
2015-09-29 15:59 - 2014-01-30 08:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-09-29 15:59 - 2014-01-19 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Caminova
2015-09-29 15:59 - 2013-11-12 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ford Motor Company
2015-09-29 15:59 - 2013-07-13 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-09-29 15:59 - 2013-07-03 06:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-09-29 15:59 - 2013-02-19 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2015-09-29 15:59 - 2013-02-19 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-09-29 15:59 - 2012-11-01 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-09-29 15:59 - 2012-10-30 14:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office X5
2015-09-29 15:59 - 2012-10-28 10:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Better Homes and Gardens
2015-09-29 15:59 - 2011-11-08 00:14 - 00000000 ____D C:\Program Files (x86)\Toshiba
2015-09-29 15:59 - 2011-11-08 00:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2015-09-29 14:49 - 2015-08-16 11:15 - 00000000 ____D C:\Users\Tom\AppData\Local\Avg2015
2015-09-21 20:52 - 2013-11-02 11:52 - 00000000 ____D C:\Users\Tom\Desktop\Boat Docs
2015-09-17 09:00 - 2012-10-28 09:08 - 00000000 ____D C:\Users\Tom\Documents\Quicken
2015-09-16 21:30 - 2015-07-10 02:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI(2834)
2015-09-15 15:44 - 2012-11-05 00:01 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Foxit Software
2015-09-15 09:45 - 2014-12-22 15:35 - 00011014 _____ C:\Users\Tom\Desktop\Boat work list.xlsx
2015-09-14 18:10 - 2014-12-28 16:52 - 00000020 ____H C:\ProgramData\PKP_DLet.DAT
2015-09-14 17:53 - 2013-08-25 07:37 - 00000000 ____D C:\Users\Tom\Desktop\Lincoln Pics
2015-09-14 16:15 - 2013-11-02 10:19 - 00000000 ____D C:\Users\Tom\Desktop\Navigation
2015-09-14 12:49 - 2012-04-05 03:19 - 00003978 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-14 12:49 - 2012-04-05 03:19 - 00003746 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-14 09:27 - 2015-08-11 19:30 - 00000000 ____D C:\Windows.old
2015-09-11 15:59 - 2013-11-25 02:48 - 00312752 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys
2015-09-11 07:08 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-09-09 12:53 - 2012-10-28 08:59 - 00000000 ____D C:\Users\Tom\AppData\Local\Google
2015-09-09 08:15 - 2012-11-01 16:59 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-09 08:13 - 2013-08-14 13:10 - 00000000 ____D C:\WINDOWS\system32\MRT

==================== Files in the root of some directories =======

2013-03-28 21:22 - 2013-03-28 21:22 - 0038465 _____ () C:\Users\Tom\AppData\Roaming\Comma Separated Values (DOS).ADR
2014-12-28 16:52 - 2014-12-28 16:52 - 0000268 ___RH () C:\Users\Tom\AppData\Roaming\System Image Utility
2014-12-28 16:52 - 2014-12-28 16:52 - 0000268 ___RH () C:\Users\Tom\AppData\Roaming\SystemConfiguration
2014-12-28 16:52 - 2014-12-28 16:52 - 0000268 ___RH () C:\Users\Tom\AppData\Roaming\Tables
2014-12-28 16:50 - 2014-12-28 16:50 - 0000268 ___RH () C:\Users\Tom\AppData\Roaming\Techno Kit
2014-12-28 16:50 - 2014-12-28 16:50 - 0000268 ___RH () C:\Users\Tom\AppData\Roaming\Trumpet Section
2014-06-18 00:38 - 2015-10-05 18:22 - 0007606 _____ () C:\Users\Tom\AppData\Local\resmon.resmoncfg
2015-02-03 20:43 - 2015-02-03 20:43 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-10-30 14:37 - 2015-10-06 08:33 - 0001890 ___SH () C:\ProgramData\KGyGaAvL.sys
2014-12-28 16:50 - 2014-12-28 16:50 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2014-12-28 16:52 - 2014-12-28 16:52 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-12-28 16:52 - 2015-09-14 18:10 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-12-28 16:50 - 2014-12-28 16:58 - 0000020 ____H () C:\ProgramData\PKP_DLeu.DAT
2014-12-28 16:52 - 2014-12-28 16:52 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-12-28 16:52 - 2014-12-28 16:52 - 0000268 ___RH () C:\ProgramData\Textures
2014-12-28 16:52 - 2014-12-28 16:52 - 0000268 ___RH () C:\ProgramData\Themes
2014-12-28 16:50 - 2014-12-28 16:50 - 0000268 ___RH () C:\ProgramData\Track Settings
2014-12-28 16:50 - 2014-12-28 16:52 - 0000012 ___RH () C:\ProgramData\User Pictures
2014-12-28 16:52 - 2014-12-28 16:52 - 0000012 ___RH () C:\ProgramData\Vocal Transformer
2014-12-28 16:52 - 2014-12-28 16:52 - 0000012 ___RH () C:\ProgramData\WebServer
2014-12-28 16:50 - 2014-12-28 16:50 - 0000012 ___RH () C:\ProgramData\Woodwind
2012-04-05 03:15 - 2012-04-05 03:16 - 0000108 _____ () C:\ProgramData\{2637C347-9DAD-11D6-9EA2-00055D0CA761}.log

Some files in TEMP:
====================
C:\Users\Tom\AppData\Local\Temp\Checkupdate.exe
C:\Users\Tom\AppData\Local\Temp\Execute2App.exe
C:\Users\Tom\AppData\Local\Temp\FDC7.exe
C:\Users\Tom\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Tom\AppData\Local\Temp\Foxit Updater.exe
C:\Users\Tom\AppData\Local\Temp\gcapi_dll.dll
C:\Users\Tom\AppData\Local\Temp\gtapi_signed.dll
C:\Users\Tom\AppData\Local\Temp\HPPSdr.exe
C:\Users\Tom\AppData\Local\Temp\msvcp90.dll
C:\Users\Tom\AppData\Local\Temp\msvcr90.dll
C:\Users\Tom\AppData\Local\Temp\yef0g7eq.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-01 01:40

==================== End of FRST.txt ============================
yotboss
Active Member
 
Posts: 7
Joined: September 30th, 2015, 1:34 am
Top

Re: Sudden blank screen and sporadic slowdown - yikes!

Unread postby yotboss » October 6th, 2015, 8:56 pm

Thanks so much for your help; Here's what I got:




Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
Ran by Tom (administrator) on TOM-PC (06-10-2015 17:47:52)
Running from C:\Users\Tom\Desktop
Loaded Profiles: Tom (Available Profiles: Tom)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TosTogKeyMon.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TRCMan\TRCMan.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 6830\Bin\ScanToPCActivationApp.exe
(Ruiware) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
(Darfon Electronics Corp.) C:\Windows\AIOKBApp.exe
(Darfon Electronics Corp.) C:\Windows\TiltMouseAPP.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(PC Tools) C:\Program Files (x86)\ThreatFire\TFTray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Xmarks.com) C:\Program Files (x86)\Xmarks\IE Extension\xmarkssync.exe
(Intuit Inc.) C:\Program Files (x86)\Quicken\bagent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPNetworkCommunicatorCom.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [981888 2011-08-03] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1544624 2011-06-29] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597936 2011-07-27] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38824 2011-06-28] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-06-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosTogKeyMon] => C:\Program Files\TOSHIBA\FlashCards\TosTogKeyMon.exe [2409856 2011-07-26] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [590256 2011-05-17] (TOSHIBA Corporation)
HKLM\...\Run: [TRCMan] => C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [718720 2011-08-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [AIOKBApp] => C:\windows\AIOKBApp.exe [114176 2010-06-28] (Darfon Electronics Corp.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe [3218864 2011-06-22] (Toshiba)
HKLM-x32\...\Run: [TiltMouse] => C:\windows\TiltMouseAPP.exe [119296 2011-09-08] (Darfon Electronics Corp.)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-04] (TOSHIBA)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickFinder Scheduler] => c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\QFSCHD150.EXE [136600 2010-10-26] (Corel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3812264 2015-09-30] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ThreatFire] => C:\Program Files (x86)\ThreatFire\TFTray.exe [378128 2011-02-22] (PC Tools)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2557976 2014-04-27] ()
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1125800 2015-09-22] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [9919C2326C0CBD6C8225179850E066432A2C85FF._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-23] (Google Inc.)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1015104 2015-07-27] (Samsung)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-04-05] (Google Inc.)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22568208 2015-09-11] (Google)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [GoogleChromeAutoLaunch_F6A43803F41C0EE8AA9068339E55A010] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-23] (Google Inc.)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [HP Officejet Pro 6830 (NET)] => C:\Program Files\HP\HP Officejet Pro 6830\Bin\ScanToPCActivationApp.exe [3493952 2014-07-18] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [HP Officejet Pro 6830 (NET) #2] => C:\Program Files\HP\HP Officejet Pro 6830\Bin\ScanToPCActivationApp.exe [3493952 2014-07-18] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1216648 2015-08-05] (Ruiware)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [805888 2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-09-11] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-09-11] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-09-11] (Google)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Tom\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\amd64\FileSyncShell64.dll [2015-09-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Tom\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\amd64\FileSyncShell64.dll [2015-09-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Tom\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\amd64\FileSyncShell64.dll [2015-09-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Tom\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\FileSyncShell.dll [2015-09-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Tom\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\FileSyncShell.dll [2015-09-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Tom\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\FileSyncShell.dll [2015-09-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-01-10]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2012-11-01]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{63ee65b5-b63c-4916-97f4-68af95ba7f95}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{b0777f1f-9d32-4427-9e6e-bd645a97df6e}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{C5CD7E69-03EC-4F15-860A-BBD3B229D560}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.emachines.com/rdr.aspx? ... 5r48m1s240
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx? ... 5r48m1s240
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx? ... 5r48m1s240
URLSearchHook: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
SearchScopes: HKLM -> {34814D24-72D1-418B-B5CD-19F1645B9532} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ie ... =1&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 -> {34814D24-72D1-418B-B5CD-19F1645B9532} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ie ... =1&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=^F3&apn_dtid=^YYYYYY^YY^US&apn_uid=f4b9198a-4b01-4057-a21f-21be3ac8b263&apn_sauid=890AB66F-691B-48AB-9A11-AAAB7E1F67A7
SearchScopes: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> {3F86C6E8-0F86-4ED2-88D2-059A2AE805FB} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> {406DF028-D48F-482A-8F44-1FE7882A8B9E} URL = hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=^F3&apn_dtid=^YYYYYY^YY^US&apn_uid=f4b9198a-4b01-4057-a21f-21be3ac8b263&apn_sauid=890AB66F-691B-48AB-9A11-AAAB7E1F67A7
SearchScopes: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> {44B9AC37-4AC8-4910-BB0D-F980BFE3D499} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP_enUS507
SearchScopes: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW_enUS389US389
SearchScopes: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ie ... =1&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> {A5780388-3FF6-458E-8AB7-1EE4206A3A55} URL = hxxp://searchou.com/?q={searchTerms}&id=d02bbf4f000000000000aeb70de4ce68&r=109
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-15] (Oracle Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2012-10-28] ()
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-15] (Oracle Corporation)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2011-07-12] (<TOSHIBA>)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-16] (Oracle Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2012-10-28] ()
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-21] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-16] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2011-07-12] (<TOSHIBA>)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2012-10-28] ()
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.0.444\AVG SafeGuard toolbar_toolbar.dll [2014-04-27] (AVG Secure Search)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21] (Google Inc.)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2012-10-28] ()
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.0.444\AVG SafeGuard toolbar_toolbar.dll [2014-04-27] (AVG Secure Search)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-21] (Google Inc.)
Toolbar: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-21] (Google Inc.)
IE Session Restore: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> is enabled.
Handler-x32: g7ps - {9EACF0FB-4FC7-436E-989B-3197142AD979} - C:\Program Files (x86)\Common Files\G7PS\Shared Files\G7PSDLL\G7PS.dll [2001-11-05] (G7 Productivity Systems, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll [2014-04-27] (AVG Secure Search)

Edge:
======
Edge Session Restore: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000 -> is enabled.

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-29] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-15] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [2015-07-28] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-29] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dll [No File]
FF Plugin-x32: @caminova.com/DjVuPlugin -> C:\Program Files (x86)\Caminova\Document Express DjVu Plug-in\npdjvu.dll [2013-06-03] (Caminova, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2012-11-02] (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-16] (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll [2012-09-28] (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [2015-07-28] ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-05] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2395183170-2378603555-2842505502-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2013-08-22] (Sony Network Entertainment International LLC)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-11-02]

Chrome:
=======
CHR HomePage: Default -> hxxp://my.yahoo.com/
CHR StartupUrls: Default -> "hxxp://mysearch.avg.com/?cid={7872D6F4-BC39-4299-AF57-07ED3B1772A8}&mid=169d1e3c66e647d09dcad16f2aeb880f-488af55708896336d8bd075caae1a0c5be5e601b&lang=en&ds=AVG&pr=fr&d=2013-01-22 21:18:59&v=14.0.0.14&pid=safeguard&sg=1&sap=hp","hxxp://searchou.com/?id=d02bbf4f000000000000aeb70de4ce68","hxxp://mysearch.avg.com/?cid={7872D6F4-BC39-4299-AF57-07ED3B1772A8}&mid=169d1e3c66e647d09dcad16f2aeb880f-488af55708896336d8bd075caae1a0c5be5e601b&lang=en&ds=AVG&pr=fr&d=2013-08-26 21:27:07&v=15.6.1.2&pid=safeguard&sg=0&sap=hp","hxxp://mysearch.avg.com?cid={7872D6F4-BC39-4299-AF57-07ED3B1772A8}&mid=169d1e3c66e647d09dcad16f2aeb880f-488af55708896336d8bd075caae1a0c5be5e601b&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2013-11-04 18:26:15&v=17.0.1.12&pid=safeguard&sg=0&sap=hp"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.3\\npsitesafety.dll (AVG Technologies)
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Harmony Firefox Plugin) - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll => No File
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement Web App) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-09-06]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-09-01]
CHR Extension: (Google Docs) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-01]
CHR Extension: (Google Drive) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-01]
CHR Extension: (Bookmark Sentry (scanner)) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdglbbcbmgnimogcmcdenggkpdmihlga [2014-11-24]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-12-02]
CHR Extension: (YouTube) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-01]
CHR Extension: (Google Search) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-01]
CHR Extension: (High Contrast) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2014-09-06]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-09-06]
CHR Extension: (Google Docs Offline) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-14]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2012-10-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Skype Click to Call) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-10-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-08]
CHR Extension: (Poppit!) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-09-06]
CHR Extension: (AVG SafeGuard) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-04-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2013-07-14]
CHR Extension: (Gmail) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-01]
CHR HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - C:\Program Files (x86)\LastPass\lpchrome.crx [2012-10-28]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\18.1.0.444\avg.crx [2014-04-27]
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-07-13]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-11-01] (Adobe Systems) [File not signed]
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604712 2015-09-30] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3792880 2015-09-30] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1042344 2015-09-22] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [596344 2015-09-30] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 FoxitCloudUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [244392 2015-09-09] (Foxit Software Inc.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2375168 2011-05-30] (Realsil Microelectronics Inc.) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [126392 2011-07-19] (Symantec Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-20] (DEVGURU Co., LTD.)
R2 vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [1801240 2014-04-27] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 RtkAudioService; "C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [23152 2015-09-09] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [197040 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312752 2015-09-11] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [293296 2015-08-10] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [251312 2015-08-10] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50464 2014-04-27] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [314800 2015-08-31] (AVG Technologies CZ, s.r.o.)
R3 CXPOLARIS; C:\Windows\system32\drivers\cxRDU253S.sys [558112 2015-05-21] (Conexant Systems, Inc.)
R3 DFKBfilter; C:\Windows\system32\drivers\DFKBfilter.sys [24712 2010-06-24] (Darfon Electronics Corp.)
R3 DFMousefilter; C:\Windows\system32\drivers\DFMousefilter.sys [24200 2010-06-24] (Darfon Electronics Corp.)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-05-13] (LogMeIn Inc.)
R3 i8042HDR; C:\Windows\system32\DRIVERS\i8042HDR.sys [15920 2009-08-14] (Windows (R) Codename Longhorn DDK provider)
R3 nuviocir; C:\Windows\system32\DRIVERS\nuviocir_x64.sys [39704 2013-07-15] (Nuvoton Technology Corp.)
R3 NWVoltron; C:\Windows\System32\drivers\NWVoltron.sys [28920 2015-08-11] ()
R0 TfSysMon; C:\Windows\System32\drivers\TfSysMon.sys [74824 2011-02-22] (PC Tools)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [45728 2015-10-02] (Toshiba Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-06 17:47 - 2015-10-06 17:48 - 00044170 _____ C:\Users\Tom\Desktop\FRST.txt
2015-10-06 17:47 - 2015-10-06 17:47 - 00000000 ____D C:\Users\Tom\Desktop\FRST-OlderVersion
2015-10-06 17:29 - 2015-10-06 17:29 - 00016148 _____ C:\WINDOWS\system32\TOM-PC_Tom_HistoryPrediction.bin
2015-10-06 17:29 - 2015-10-06 17:29 - 00000000 ___HD C:\OneDriveTemp
2015-10-06 09:51 - 2015-10-06 09:51 - 00017935 _____ C:\Users\Tom\Downloads\september 29.odt
2015-10-05 16:45 - 2015-10-05 16:45 - 00000000 ____D C:\Users\Tom\AppData\Roaming\AVG
2015-10-05 16:42 - 2015-10-05 16:42 - 00000948 _____ C:\Users\Public\Desktop\AVG.lnk
2015-10-05 16:42 - 2015-10-05 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2015-10-05 16:41 - 2015-10-05 16:43 - 00000000 ____D C:\ProgramData\Avg
2015-10-05 16:41 - 2015-10-05 16:42 - 00000000 ____D C:\Users\Tom\AppData\Local\AvgSetupLog
2015-10-02 15:42 - 2015-10-02 15:42 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-02 08:03 - 2015-10-02 08:03 - 00045728 _____ (Toshiba Corporation) C:\WINDOWS\system32\Drivers\Thotkey.sys
2015-10-02 08:02 - 2015-10-02 08:02 - 00045184 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\Drivers\TVALZ_O.SYS
2015-10-02 07:41 - 2015-09-15 09:12 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-02 07:41 - 2015-09-15 09:12 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-01 15:06 - 2015-10-01 15:06 - 00059392 _____ C:\Users\Tom\Downloads\Invoice Wurfl Construction DelMarStairGuardRailDeposit.xls
2015-09-30 17:59 - 2015-09-24 17:13 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-09-30 17:59 - 2015-09-24 16:24 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-09-30 17:59 - 2015-09-24 16:17 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-09-30 17:59 - 2015-09-24 16:08 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-30 17:59 - 2015-09-24 16:06 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-09-30 17:59 - 2015-09-24 16:01 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-09-30 17:59 - 2015-09-24 16:00 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-09-30 17:59 - 2015-09-24 15:42 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-09-30 17:59 - 2015-09-24 15:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-09-30 17:59 - 2015-09-24 15:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-09-30 17:59 - 2015-09-16 23:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-09-30 17:59 - 2015-09-16 23:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-09-30 17:59 - 2015-09-16 23:49 - 08020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-09-30 17:59 - 2015-09-16 23:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-09-30 17:59 - 2015-09-16 23:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-09-30 17:59 - 2015-09-16 23:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-09-30 17:59 - 2015-09-16 23:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-09-30 17:59 - 2015-09-16 23:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-09-30 17:59 - 2015-09-16 23:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-09-30 17:59 - 2015-09-16 23:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-09-30 17:59 - 2015-09-16 23:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-09-30 17:59 - 2015-09-16 23:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-09-30 17:59 - 2015-09-16 23:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-09-30 17:59 - 2015-09-16 23:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-09-30 17:59 - 2015-09-16 23:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-09-30 17:59 - 2015-09-16 23:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-09-30 17:59 - 2015-09-16 23:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-09-30 17:59 - 2015-09-16 23:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-09-30 17:59 - 2015-09-16 23:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-09-30 17:59 - 2015-09-16 23:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-09-30 17:59 - 2015-09-16 23:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-09-30 17:59 - 2015-09-16 23:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-09-30 17:59 - 2015-09-16 23:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-09-30 17:59 - 2015-09-16 23:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-09-30 17:59 - 2015-09-16 23:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-09-30 17:59 - 2015-09-16 23:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-09-30 17:59 - 2015-09-16 23:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-09-30 17:59 - 2015-09-16 23:12 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-30 17:59 - 2015-09-16 23:07 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-30 17:59 - 2015-09-16 23:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-09-30 17:59 - 2015-09-16 23:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-09-30 17:59 - 2015-09-16 23:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-09-30 17:59 - 2015-09-16 23:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-09-30 17:59 - 2015-09-16 23:00 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-30 17:59 - 2015-09-16 23:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-09-30 17:59 - 2015-09-16 23:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-30 17:59 - 2015-09-16 22:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-09-30 17:59 - 2015-09-16 22:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-09-30 17:59 - 2015-09-16 22:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-09-30 17:59 - 2015-09-16 22:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-09-30 17:59 - 2015-09-16 22:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-09-30 17:59 - 2015-09-16 22:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-30 17:59 - 2015-09-16 22:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-09-30 17:59 - 2015-09-16 22:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-09-30 17:59 - 2015-09-16 22:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-09-30 17:59 - 2015-09-16 22:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-09-30 17:59 - 2015-09-16 22:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-09-30 17:59 - 2015-09-16 22:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-09-30 17:59 - 2015-09-16 22:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-09-30 17:59 - 2015-09-16 22:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-09-30 17:59 - 2015-09-16 22:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-09-30 17:59 - 2015-09-16 22:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-09-30 17:59 - 2015-09-16 22:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-09-30 17:59 - 2015-09-16 22:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-09-30 17:59 - 2015-09-16 22:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-30 17:59 - 2015-09-16 22:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-09-30 17:59 - 2015-09-16 22:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-09-30 17:59 - 2015-09-16 22:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-09-30 17:59 - 2015-09-16 22:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-09-30 17:59 - 2015-09-16 22:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-09-30 17:59 - 2015-09-16 22:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-09-30 17:59 - 2015-09-16 22:47 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-09-30 17:59 - 2015-09-16 22:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-09-30 17:59 - 2015-09-16 22:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-30 17:59 - 2015-09-16 22:45 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-30 17:59 - 2015-09-16 22:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-09-30 17:59 - 2015-09-16 22:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-09-30 17:59 - 2015-09-16 22:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-09-30 17:59 - 2015-09-16 22:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-09-30 17:59 - 2015-09-16 22:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-09-30 17:59 - 2015-09-16 22:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-09-30 17:59 - 2015-09-16 22:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-09-30 17:59 - 2015-09-16 22:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-09-30 17:59 - 2015-09-16 22:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-09-30 17:59 - 2015-09-16 22:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-09-30 17:59 - 2015-09-16 22:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-09-30 17:59 - 2015-09-16 22:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-09-30 17:59 - 2015-09-16 22:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-09-30 17:59 - 2015-09-16 22:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-30 17:59 - 2015-09-16 22:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-09-30 17:59 - 2015-09-16 22:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-09-30 17:59 - 2015-09-16 22:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-30 17:59 - 2015-09-16 22:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-09-30 17:59 - 2015-09-16 22:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-09-30 17:59 - 2015-09-16 22:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-09-30 17:59 - 2015-09-16 22:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-30 17:59 - 2015-09-16 22:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-09-30 17:59 - 2015-09-16 22:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-09-30 17:59 - 2015-09-16 22:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-09-30 17:59 - 2015-09-16 22:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-09-30 17:59 - 2015-09-16 22:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-09-30 17:59 - 2015-09-16 22:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-09-30 17:59 - 2015-09-16 22:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-09-30 17:59 - 2015-09-16 22:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-09-30 17:59 - 2015-09-16 22:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-09-30 17:59 - 2015-09-12 19:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-09-30 17:59 - 2015-09-12 18:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-09-30 17:58 - 2015-09-24 16:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-09-30 17:58 - 2015-09-24 16:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-09-30 17:58 - 2015-09-24 16:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-09-30 17:58 - 2015-09-24 16:23 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-30 17:58 - 2015-09-24 16:07 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-30 17:58 - 2015-09-24 16:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-09-30 17:58 - 2015-09-24 16:01 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-09-30 17:58 - 2015-09-24 16:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-09-30 17:58 - 2015-09-24 16:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-09-30 17:58 - 2015-09-24 15:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-09-30 17:58 - 2015-09-24 15:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-09-30 17:58 - 2015-09-24 15:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-09-30 17:58 - 2015-09-24 15:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-09-30 17:58 - 2015-09-24 15:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-09-30 17:58 - 2015-09-24 15:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-09-30 17:58 - 2015-09-24 15:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-09-30 17:58 - 2015-09-18 22:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-09-30 17:58 - 2015-09-16 23:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-09-30 17:58 - 2015-09-16 23:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-09-30 17:58 - 2015-09-16 23:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-09-30 17:58 - 2015-09-16 23:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-09-30 17:58 - 2015-09-16 23:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-09-30 17:58 - 2015-09-16 23:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-09-30 17:58 - 2015-09-16 23:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-09-30 17:58 - 2015-09-16 23:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-09-30 17:58 - 2015-09-16 23:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-09-30 17:58 - 2015-09-16 23:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-09-30 17:58 - 2015-09-16 23:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-09-30 17:58 - 2015-09-16 23:39 - 00081488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-30 17:58 - 2015-09-16 23:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-09-30 17:58 - 2015-09-16 23:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-09-30 17:58 - 2015-09-16 23:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-09-30 17:58 - 2015-09-16 23:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-09-30 17:58 - 2015-09-16 23:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-09-30 17:58 - 2015-09-16 23:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-09-30 17:58 - 2015-09-16 23:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-09-30 17:58 - 2015-09-16 23:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-09-30 17:58 - 2015-09-16 23:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-09-30 17:58 - 2015-09-16 23:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-09-30 17:58 - 2015-09-16 23:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-09-30 17:58 - 2015-09-16 23:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-09-30 17:58 - 2015-09-16 23:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-09-30 17:58 - 2015-09-16 23:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-09-30 17:58 - 2015-09-16 23:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-09-30 17:58 - 2015-09-16 23:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-09-30 17:58 - 2015-09-16 23:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-09-30 17:58 - 2015-09-16 23:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-09-30 17:58 - 2015-09-16 22:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-09-30 17:58 - 2015-09-16 22:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-09-30 17:58 - 2015-09-16 22:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-09-30 17:58 - 2015-09-16 22:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-09-30 17:58 - 2015-09-16 22:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-09-30 17:58 - 2015-09-16 22:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-09-30 17:58 - 2015-09-16 22:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-09-30 17:58 - 2015-09-16 22:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-09-30 17:58 - 2015-09-16 22:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-09-30 17:58 - 2015-09-16 22:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-09-30 17:58 - 2015-09-16 22:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-09-30 17:58 - 2015-09-16 22:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-09-30 17:58 - 2015-09-16 22:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-09-30 17:58 - 2015-09-16 22:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-09-30 17:58 - 2015-09-16 22:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-09-30 17:58 - 2015-09-16 22:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-09-30 17:58 - 2015-09-16 22:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-09-30 17:58 - 2015-09-16 22:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-09-30 17:58 - 2015-09-16 22:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-09-30 17:58 - 2015-09-16 22:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-09-30 17:58 - 2015-09-16 22:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-09-30 17:58 - 2015-09-16 22:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-09-30 17:58 - 2015-09-16 22:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-09-30 17:58 - 2015-09-16 22:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-09-30 17:58 - 2015-09-16 22:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-09-30 17:58 - 2015-09-16 22:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-09-30 17:58 - 2015-09-16 22:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-09-30 17:58 - 2015-09-16 22:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-09-30 17:58 - 2015-09-16 22:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-09-30 17:58 - 2015-09-16 22:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-09-30 17:58 - 2015-09-16 22:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-09-30 17:58 - 2015-09-16 22:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-09-30 17:58 - 2015-09-16 22:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-09-30 17:58 - 2015-09-16 22:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-09-30 17:58 - 2015-09-16 22:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-09-30 17:58 - 2015-09-16 22:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-09-30 17:58 - 2015-09-16 22:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-09-30 17:58 - 2015-09-16 22:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-09-30 17:58 - 2015-09-16 22:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-09-30 17:58 - 2015-09-16 22:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-09-30 17:58 - 2015-09-16 22:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-09-30 17:58 - 2015-09-16 22:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-09-30 17:58 - 2015-09-16 22:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-09-30 17:58 - 2015-09-16 22:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-09-30 17:57 - 2015-09-16 22:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-09-30 17:56 - 2015-09-24 17:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-09-30 17:56 - 2015-09-24 17:34 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-09-30 17:56 - 2015-09-24 16:00 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-09-30 17:56 - 2015-09-24 15:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-09-30 17:56 - 2015-09-16 23:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-09-30 17:56 - 2015-09-16 23:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-09-30 17:56 - 2015-09-16 23:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-09-30 17:56 - 2015-09-16 23:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-09-30 17:56 - 2015-09-16 23:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-09-30 17:56 - 2015-09-16 23:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-09-30 17:56 - 2015-09-16 23:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-09-30 17:56 - 2015-09-16 22:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-09-30 17:56 - 2015-09-16 22:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-09-30 17:56 - 2015-09-16 22:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-30 17:56 - 2015-09-16 22:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-09-30 17:56 - 2015-09-16 22:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-09-30 17:56 - 2015-09-16 22:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-09-30 17:56 - 2015-09-16 22:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-09-30 17:56 - 2015-09-16 22:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-09-30 17:56 - 2015-09-16 22:49 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-09-30 17:56 - 2015-09-16 22:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-09-30 17:56 - 2015-09-16 22:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-09-30 17:56 - 2015-09-16 22:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-09-30 17:56 - 2015-09-16 22:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-30 17:56 - 2015-09-16 22:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-09-30 17:56 - 2015-09-16 22:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-09-30 17:56 - 2015-09-16 22:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-09-30 13:40 - 2015-09-30 13:40 - 00002347 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-30 13:39 - 2015-09-30 13:40 - 00929872 _____ (Google Inc.) C:\Users\Tom\Downloads\ChromeSetup.exe
2015-09-30 01:27 - 2015-09-30 01:27 - 00000000 ____D C:\Users\Tom\AppData\Roaming\OpenOffice
2015-09-30 01:26 - 2015-09-30 01:26 - 07846992 _____ (Microsoft Corporation) C:\Users\Tom\Downloads\OneDriveSetup.exe
2015-09-30 01:25 - 2015-09-30 01:25 - 00001128 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-09-30 01:25 - 2015-09-30 01:25 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-09-30 01:24 - 2015-09-30 01:25 - 00929872 _____ (Google Inc.) C:\Users\Tom\Downloads\googledrivesync (2).exe
2015-09-30 01:24 - 2015-09-30 01:24 - 00000000 ____D C:\Users\Tom\Desktop\OpenOffice 4.1.1 (en-US) Installation Files
2015-09-30 01:24 - 2015-09-30 01:24 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2015-09-30 01:20 - 2015-09-30 01:23 - 140852175 _____ C:\Users\Tom\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe
2015-09-30 00:36 - 2015-09-30 00:43 - 00000000 ____D C:\Users\Tom\AppData\Roaming\WinPatrol
2015-09-30 00:36 - 2015-09-30 00:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2015-09-30 00:36 - 2015-09-30 00:36 - 00000000 ____D C:\ProgramData\InstallMate
2015-09-30 00:36 - 2015-09-30 00:36 - 00000000 ____D C:\Program Files (x86)\Ruiware
2015-09-30 00:35 - 2015-09-30 00:35 - 01292424 _____ (Ruiware) C:\Users\Tom\Downloads\wpsetup.exe
2015-09-29 23:01 - 2015-09-29 23:01 - 00204496 _____ (Malwarebytes) C:\Users\Tom\Downloads\startuplite-setup-1.07.exe
2015-09-29 22:27 - 2015-10-06 17:47 - 00000000 ____D C:\FRST
2015-09-29 22:24 - 2015-10-06 17:47 - 02193920 _____ (Farbar) C:\Users\Tom\Desktop\FRST64.exe
2015-09-29 22:22 - 2015-09-29 22:22 - 00688992 ____R (Swearware) C:\Users\Tom\Downloads\dds.scr
2015-09-29 16:18 - 2015-09-29 16:18 - 00507832 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\Drivers\tos_sps64.sys
2015-09-29 15:53 - 2015-09-29 15:53 - 00000000 ____D C:\$SysReset
2015-09-29 02:08 - 2015-09-29 02:08 - 00000000 ____D C:\Users\Tom\AppData\Local\Foxit Reader
2015-09-28 07:18 - 2015-09-28 07:18 - 00015248 _____ C:\Users\Tom\Downloads\september 22.odt
2015-09-21 07:08 - 2015-09-21 07:08 - 00016324 _____ C:\Users\Tom\Downloads\september 8.odt
2015-09-16 09:57 - 2015-10-05 16:46 - 00000000 ____D C:\Users\Tom\AppData\Local\Avg
2015-09-15 15:43 - 2015-09-29 15:59 - 00000000 ____D C:\Users\Public\Foxit Software
2015-09-15 15:43 - 2015-09-15 15:43 - 00002233 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2015-09-15 15:43 - 2015-09-15 15:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-09-14 18:10 - 2015-09-14 18:11 - 00000000 ____D C:\Users\Tom\Desktop\Rose
2015-09-09 17:22 - 2015-09-14 07:50 - 00001166 _____ C:\Users\Tom\Downloads\debug.log
2015-09-09 08:00 - 2015-08-26 23:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 08:00 - 2015-08-26 23:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil(2923).dll
2015-09-09 08:00 - 2015-08-26 23:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-09 08:00 - 2015-08-26 22:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 08:00 - 2015-08-26 22:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-09 08:00 - 2015-08-26 22:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 08:00 - 2015-08-26 22:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 08:00 - 2015-08-26 22:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 08:00 - 2015-08-26 22:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive(3143).dll
2015-09-09 08:00 - 2015-08-26 22:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 08:00 - 2015-08-26 22:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 08:00 - 2015-08-26 22:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 08:00 - 2015-08-26 22:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 08:00 - 2015-08-26 22:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 08:00 - 2015-08-26 22:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon(3149).exe
2015-09-09 08:00 - 2015-08-26 22:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-09 08:00 - 2015-08-26 22:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 08:00 - 2015-08-26 22:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct(3053).dll
2015-09-09 08:00 - 2015-08-26 22:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 08:00 - 2015-08-26 22:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 08:00 - 2015-08-26 22:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 08:00 - 2015-08-26 22:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 08:00 - 2015-08-26 22:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 08:00 - 2015-08-26 22:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 08:00 - 2015-08-26 22:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-09 08:00 - 2015-08-26 22:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 08:00 - 2015-08-26 22:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 08:00 - 2015-08-26 22:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-09 03:23 - 2015-09-09 03:23 - 00023152 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgboota.sys
2015-09-07 08:22 - 2015-09-07 08:22 - 00016150 _____ C:\Users\Tom\Downloads\september 1.odt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-06 17:46 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-06 17:44 - 2015-07-10 05:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-06 17:40 - 2015-07-07 16:29 - 00000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2395183170-2378603555-2842505502-1000UA.job
2015-10-06 17:30 - 2012-11-17 10:16 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-06 17:29 - 2015-08-11 19:37 - 00000000 ____D C:\Users\Tom\OneDrive
2015-10-06 17:29 - 2014-01-30 20:46 - 00000000 ___RD C:\Users\Tom\Google Drive
2015-10-06 17:29 - 2012-04-05 03:19 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-06 17:23 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-06 16:55 - 2012-04-05 03:19 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-06 16:05 - 2012-11-17 10:25 - 00000000 ____D C:\ProgramData\MFAData
2015-10-06 13:49 - 2013-11-11 09:57 - 00004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8A1DC5D4-3385-455E-808A-DC4EC55203EB}
2015-10-06 10:37 - 2013-01-04 08:00 - 02052096 ___SH C:\Users\Tom\Desktop\Thumbs.db
2015-10-06 08:33 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-10-06 08:33 - 2012-10-30 14:37 - 00001890 ___SH C:\ProgramData\KGyGaAvL.sys
2015-10-06 00:39 - 2015-07-07 16:29 - 00000872 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2395183170-2378603555-2842505502-1000Core.job
2015-10-05 18:22 - 2014-06-18 00:38 - 00007606 _____ C:\Users\Tom\AppData\Local\resmon.resmoncfg
2015-10-05 16:57 - 2015-08-11 19:13 - 00881010 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-05 16:50 - 2015-07-10 05:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-05 16:49 - 2015-07-10 02:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-10-05 16:45 - 2015-08-16 11:17 - 00000000 ____D C:\ProgramData\AVG2015
2015-10-05 16:45 - 2015-07-22 08:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-10-05 16:45 - 2012-11-17 10:28 - 00000000 ___HD C:\$AVG
2015-10-05 16:44 - 2015-07-10 04:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-10-05 16:43 - 2012-11-17 10:28 - 00000000 ____D C:\Program Files (x86)\AVG
2015-10-05 16:16 - 2015-08-11 18:52 - 00000000 ____D C:\Users\Tom
2015-10-05 07:22 - 2012-03-01 23:19 - 00000000 ____D C:\Users\Tom\Documents\Kitty
2015-10-05 07:06 - 2012-11-01 16:56 - 00000000 ____D C:\Users\Tom\Documents\VCheck
2015-10-02 15:42 - 2012-10-28 10:37 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Dropbox
2015-10-02 08:30 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-02 07:35 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-02 07:31 - 2015-08-11 18:37 - 00068624 _____ C:\WINDOWS\PFRO.log
2015-10-01 15:52 - 2015-07-10 03:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-01 14:51 - 2013-06-13 08:26 - 00000000 ____D C:\Users\Tom\Desktop\Stuff to Sell
2015-10-01 14:46 - 2012-10-28 08:29 - 00116616 _____ C:\Users\Tom\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-01 05:03 - 2015-07-10 02:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-30 15:07 - 2013-01-09 08:04 - 16155648 ___SH C:\Users\Tom\Downloads\Thumbs.db
2015-09-30 02:04 - 2015-03-09 16:37 - 00002096 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2015-09-30 01:29 - 2015-07-10 05:20 - 00416304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-30 01:26 - 2015-08-11 20:13 - 00002380 _____ C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-30 01:25 - 2014-01-30 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-09-29 16:37 - 2015-07-10 05:20 - 00026646 _____ C:\WINDOWS\setupact.log
2015-09-29 16:36 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-09-29 16:13 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-09-29 16:13 - 2015-07-10 02:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-09-29 16:13 - 2013-06-25 21:38 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Garmin
2015-09-29 16:12 - 2014-02-01 10:58 - 00000000 ____D C:\Program Files (x86)\Quicken
2015-09-29 16:12 - 2014-01-10 14:38 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-09-29 16:12 - 2013-11-12 10:43 - 00000000 ____D C:\ProgramData\opencpn
2015-09-29 16:12 - 2012-04-05 03:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-29 16:04 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\registration
2015-09-29 16:00 - 2012-10-30 17:20 - 00000000 ____D C:\Users\Tom\Documents\Canon
2015-09-29 16:00 - 2012-10-28 13:38 - 00000000 ____D C:\Users\Tom\AppData\Local\Packages
2015-09-29 16:00 - 2010-07-20 19:34 - 00000000 ____D C:\Users\Tom\Documents\Business
2015-09-29 16:00 - 2010-07-20 19:31 - 00000000 ____D C:\Users\Tom\Documents\Boat
2015-09-29 15:59 - 2015-09-05 01:38 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-09-29 15:59 - 2015-08-27 15:16 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-09-29 15:59 - 2015-08-11 19:22 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-09-29 15:59 - 2015-08-11 19:22 - 00000000 ____D C:\Program Files\MSBuild
2015-09-29 15:59 - 2015-08-11 19:22 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-09-29 15:59 - 2015-08-11 19:22 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-09-29 15:59 - 2015-08-11 19:03 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-09-29 15:59 - 2015-08-11 19:03 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-09-29 15:59 - 2015-08-11 18:55 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-09-29 15:59 - 2015-08-11 18:46 - 00000000 ____D C:\Program Files\Realtek
2015-09-29 15:59 - 2015-07-10 06:14 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ___SD C:\Program Files\WindowsPowerShell
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ___SD C:\Program Files (x86)\WindowsPowerShell
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Windows NT
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Windows Defender
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Common Files\System
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-09-29 15:59 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files (x86)\Windows NT
2015-09-29 15:59 - 2015-07-10 02:05 - 00000000 __RHD C:\Users\Default
2015-09-29 15:59 - 2015-07-07 16:29 - 00000000 ____D C:\Users\Tom\AppData\Local\Dropbox
2015-09-29 15:59 - 2015-07-07 15:55 - 00000000 ____D C:\ProgramData\Apple Computer
2015-09-29 15:59 - 2015-07-07 15:55 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-09-29 15:59 - 2015-02-04 09:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenCPN
2015-09-29 15:59 - 2015-02-03 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-09-29 15:59 - 2014-12-22 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oso Software
2015-09-29 15:59 - 2014-10-07 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon
2015-09-29 15:59 - 2014-01-30 08:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-09-29 15:59 - 2014-01-19 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Caminova
2015-09-29 15:59 - 2013-11-12 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ford Motor Company
2015-09-29 15:59 - 2013-07-13 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-09-29 15:59 - 2013-07-03 06:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-09-29 15:59 - 2013-02-19 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2015-09-29 15:59 - 2013-02-19 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-09-29 15:59 - 2012-11-01 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-09-29 15:59 - 2012-10-30 14:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office X5
2015-09-29 15:59 - 2012-10-28 10:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Better Homes and Gardens
2015-09-29 15:59 - 2011-11-08 00:14 - 00000000 ____D C:\Program Files (x86)\Toshiba
2015-09-29 15:59 - 2011-11-08 00:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2015-09-29 14:49 - 2015-08-16 11:15 - 00000000 ____D C:\Users\Tom\AppData\Local\Avg2015
2015-09-21 20:52 - 2013-11-02 11:52 - 00000000 ____D C:\Users\Tom\Desktop\Boat Docs
2015-09-17 09:00 - 2012-10-28 09:08 - 00000000 ____D C:\Users\Tom\Documents\Quicken
2015-09-16 21:30 - 2015-07-10 02:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI(2834)
2015-09-15 15:44 - 2012-11-05 00:01 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Foxit Software
2015-09-15 09:45 - 2014-12-22 15:35 - 00011014 _____ C:\Users\Tom\Desktop\Boat work list.xlsx
2015-09-14 18:10 - 2014-12-28 16:52 - 00000020 ____H C:\ProgramData\PKP_DLet.DAT
2015-09-14 17:53 - 2013-08-25 07:37 - 00000000 ____D C:\Users\Tom\Desktop\Lincoln Pics
2015-09-14 16:15 - 2013-11-02 10:19 - 00000000 ____D C:\Users\Tom\Desktop\Navigation
2015-09-14 12:49 - 2012-04-05 03:19 - 00003978 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-14 12:49 - 2012-04-05 03:19 - 00003746 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-14 09:27 - 2015-08-11 19:30 - 00000000 ____D C:\Windows.old
2015-09-11 15:59 - 2013-11-25 02:48 - 00312752 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys
2015-09-11 07:08 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-09-09 12:53 - 2012-10-28 08:59 - 00000000 ____D C:\Users\Tom\AppData\Local\Google
2015-09-09 08:15 - 2012-11-01 16:59 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-09 08:13 - 2013-08-14 13:10 - 00000000 ____D C:\WINDOWS\system32\MRT

==================== Files in the root of some directories =======

2013-03-28 21:22 - 2013-03-28 21:22 - 0038465 _____ () C:\Users\Tom\AppData\Roaming\Comma Separated Values (DOS).ADR
2014-12-28 16:52 - 2014-12-28 16:52 - 0000268 ___RH () C:\Users\Tom\AppData\Roaming\System Image Utility
2014-12-28 16:52 - 2014-12-28 16:52 - 0000268 ___RH () C:\Users\Tom\AppData\Roaming\SystemConfiguration
2014-12-28 16:52 - 2014-12-28 16:52 - 0000268 ___RH () C:\Users\Tom\AppData\Roaming\Tables
2014-12-28 16:50 - 2014-12-28 16:50 - 0000268 ___RH () C:\Users\Tom\AppData\Roaming\Techno Kit
2014-12-28 16:50 - 2014-12-28 16:50 - 0000268 ___RH () C:\Users\Tom\AppData\Roaming\Trumpet Section
2014-06-18 00:38 - 2015-10-05 18:22 - 0007606 _____ () C:\Users\Tom\AppData\Local\resmon.resmoncfg
2015-02-03 20:43 - 2015-02-03 20:43 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-10-30 14:37 - 2015-10-06 08:33 - 0001890 ___SH () C:\ProgramData\KGyGaAvL.sys
2014-12-28 16:50 - 2014-12-28 16:50 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2014-12-28 16:52 - 2014-12-28 16:52 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-12-28 16:52 - 2015-09-14 18:10 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-12-28 16:50 - 2014-12-28 16:58 - 0000020 ____H () C:\ProgramData\PKP_DLeu.DAT
2014-12-28 16:52 - 2014-12-28 16:52 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-12-28 16:52 - 2014-12-28 16:52 - 0000268 ___RH () C:\ProgramData\Textures
2014-12-28 16:52 - 2014-12-28 16:52 - 0000268 ___RH () C:\ProgramData\Themes
2014-12-28 16:50 - 2014-12-28 16:50 - 0000268 ___RH () C:\ProgramData\Track Settings
2014-12-28 16:50 - 2014-12-28 16:52 - 0000012 ___RH () C:\ProgramData\User Pictures
2014-12-28 16:52 - 2014-12-28 16:52 - 0000012 ___RH () C:\ProgramData\Vocal Transformer
2014-12-28 16:52 - 2014-12-28 16:52 - 0000012 ___RH () C:\ProgramData\WebServer
2014-12-28 16:50 - 2014-12-28 16:50 - 0000012 ___RH () C:\ProgramData\Woodwind
2012-04-05 03:15 - 2012-04-05 03:16 - 0000108 _____ () C:\ProgramData\{2637C347-9DAD-11D6-9EA2-00055D0CA761}.log

Some files in TEMP:
====================
C:\Users\Tom\AppData\Local\Temp\Checkupdate.exe
C:\Users\Tom\AppData\Local\Temp\Execute2App.exe
C:\Users\Tom\AppData\Local\Temp\FDC7.exe
C:\Users\Tom\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Tom\AppData\Local\Temp\Foxit Updater.exe
C:\Users\Tom\AppData\Local\Temp\gcapi_dll.dll
C:\Users\Tom\AppData\Local\Temp\gtapi_signed.dll
C:\Users\Tom\AppData\Local\Temp\HPPSdr.exe
C:\Users\Tom\AppData\Local\Temp\msvcp90.dll
C:\Users\Tom\AppData\Local\Temp\msvcr90.dll
C:\Users\Tom\AppData\Local\Temp\yef0g7eq.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-01 01:40

==================== End of FRST.txt ============================
yotboss
Active Member
 
Posts: 7
Joined: September 30th, 2015, 1:34 am
Top

Re: Sudden blank screen and sporadic slowdown - yikes!

Unread postby yotboss » October 6th, 2015, 8:56 pm

Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-10-2015
Ran by Tom (2015-10-06 17:49:52)
Running from C:\Users\Tom\Desktop
Windows 10 Pro (X64) (2015-08-12 02:36:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2395183170-2378603555-2842505502-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2395183170-2378603555-2842505502-503 - Limited - Disabled)
Guest (S-1-5-21-2395183170-2378603555-2842505502-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2395183170-2378603555-2842505502-1009 - Limited - Enabled)
Tom (S-1-5-21-2395183170-2378603555-2842505502-1000 - Administrator - Enabled) => C:\Users\Tom
wurco_000 (S-1-5-21-2395183170-2378603555-2842505502-1005 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 1.00.007 - Atheros Communications)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
AVG (HKLM\...\AvgZen) (Version: 1.12.1.20806 - AVG Technologies)
AVG (Version: 16.4.7161 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4435 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.4.7161 - AVG Technologies)
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.0.444 - AVG Technologies)
AVG Zen (Version: 1.12.62 - AVG Technologies) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Better Homes and Gardens Home Designer 7.0 (HKLM-x32\...\{0D503B8E-97E3-45B7-96CB-4936269B902C}) (Version: 7.0 - Chief Architect Inc)
Better Homes and Gardens Home Designer 7.0 Training Videos (HKLM-x32\...\{3419BF10-127A-42EB-9723-9A611AEBE853}) (Version: 1.00.000 - ART Inc)
Bing Maps 3D (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v8.00.12(T) - TOSHIBA CORPORATION)
Canon MF4320-4350 (HKLM\...\{99A5569D-9F86-4f32-A227-1538B731DA42}) (Version: - )
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
CIR Tool Kit (HKLM-x32\...\{2FAECEAF-0EBE-48FF-B60A-B4577C0EFDAB}) (Version: 2.2.2011.128 - Nuvoton Technology Corp)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel WordPerfect Office - iFilter 64 Bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.01.000 - Corel Corporation)
CyberLink PowerCinema for TOSHIBA (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 7.1.5608 - CyberLink Corp.)
CyberLink YouPaint (HKLM-x32\...\InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}) (Version: 1.2.3021 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeltaCad (HKLM-x32\...\DeltaCad) (Version: 8.0.20140328 - Midnight Software, Inc.)
Document Express DjVu Plug-in (HKLM-x32\...\{2E8C03EC-E09F-4868-A4AC-02B9285D3E09}) (Version: 6.1.31831 - Caminova, Inc.)
Dropbox (HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Dropbox) (Version: 3.10.7 - Dropbox, Inc.)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
FMW 1 (Version: 1.12.3 - AVG Technologies) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.135.908 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.0.722 - Foxit Software Inc.)
Garmin BlueChart Americas v9 (HKLM-x32\...\{254A2683-4128-47B1-85DF-7690E6119EC6}) (Version: 9.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin BlueChart Pacific v9 (HKLM-x32\...\{A9BD2245-D38A-4645-8C60-BB141176ADDF}) (Version: 9.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin MapSource (HKLM-x32\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Google Apps Migration For Microsoft Outlook® 3.4.27.52 (HKLM-x32\...\{65960C6E-BFA2-4FE7-A1BC-8028F3072566}) (Version: 3.4.27.52 - Google, Inc.)
Google Apps Sync™ for Microsoft Outlook® 3.7.410.1100 (HKLM-x32\...\{799A7E2B-388F-4BDE-B55B-47AF42C6440A}) (Version: 3.7.410.1100 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Drive (HKLM-x32\...\{CF772DD2-4767-49AE-B764-EACA6F6CD9AE}) (Version: 1.25.0286.7715 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Harmony Browser Plug-in (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
HP Officejet Pro 6830 Basic Device Software (HKLM\...\{98040AB6-D667-409C-81E7-DB65836B3EE0}) (Version: 33.1.73.49987 - Hewlett-Packard Co.)
HP Officejet Pro 6830 Help (HKLM-x32\...\{28693307-6F99-4B5D-9FA3-4D9132DDA716}) (Version: 34.0.0 - Hewlett Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.0.29.6 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.81 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.4.4.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java(TM) 6 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.250 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
MC782ML_MC582ML (HKLM\...\{CEA241FD-11FF-442B-BDCA-DAB9E7AE2109}) (Version: 6.111.16 - YUAN)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.)
Media Go (HKLM-x32\...\{8D92969D-A6A3-44C8-9D63-D377E94F44B5}) (Version: 2.6.205 - Sony)
Media Go Video Playback Engine 2.0.106.08290 (HKLM-x32\...\{49D9CE9D-C8B7-B941-90E1-608044A0FC8D}) (Version: 2.0.106.08290 - Sony)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Photo Premium 10 (HKLM-x32\...\PictureItPrem_v10) (Version: 10.0.0706 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\MyFreeCodec) (Version: - )
MyHarmony (HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
NextWindow DesktopTouch Driver Package (HKLM\...\{77DBAEBC-6068-4524-BA13-030DB378C871}) (Version: 1.1.017 - NextWindow)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.0 - Nikon)
nRoute (HKLM-x32\...\{AE97D691-DB7D-4735-8D6D-0E0164F75B94}) (Version: 2.6.1 - )
OpenCPN 4.0.0 (HKLM-x32\...\OpenCPN 4.0.0) (Version: 4.0.0 - opencpn.org)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.14 - Nikon)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.18.0.15698 - Sony Computer Entertainment Inc.)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Product Improvement Study for HP Officejet Pro 6830 (HKLM\...\{96ABEAD3-67AE-4BF7-8A16-F745352049B3}) (Version: 33.1.73.49987 - Hewlett-Packard Co.)
Quicken 2011 (HKLM-x32\...\{5FE545A1-D215-4216-9189-E7B39C9D1CC1}) (Version: 20.1.8.6 - Intuit)
Quicken 2014 (HKLM-x32\...\{0877F595-254F-45F4-991D-3F72E86B17CE}) (Version: 23.1.8.8 - Intuit)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.82 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.1 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.1 - Renesas Electronics Corporation) Hidden
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Short Movie Creator (HKLM-x32\...\{B2817391-97C2-4A88-A952-14920594BD62}) (Version: 1.3.1 - Nikon)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype Launcher (HKLM-x32\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SkyShellEx(x86) (HKLM-x32\...\{044D80FE-E0C3-4DDB-851A-9AD72CBC1CB1}) (Version: 1.0.1 - Coronox)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15082.16 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15082.16 - Samsung Electronics Co., Ltd.) Hidden
Sony PC Companion 2.10.281 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.281 - Sony)
SYNC Volume Control v1.0.81 (HKLM-x32\...\SYNC Volume Control_is1) (Version: - Ford Motor Company)
Tales of Lagoona (x32 Version: 2.2.0.98 - WildTangent) Hidden
ThreatFire (HKLM-x32\...\3554AA4B-9B0B-451a-A269-2B5F53982209_is1) (Version: - PC Tools)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{C31337DE-0CDC-45A9-9A32-F099AC78D557}) (Version: 3.0.9490 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 1.6.11.64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{B1DC5682-7B85-400C-BB47-7DA0E1E9CAAA}) (Version: 1.3.6.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\{97965331-BC5D-4D9F-B6DF-5C0A123E4AE0}) (Version: 2.1.0.4 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.9 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.13.11 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.4 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.7.5 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.31 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.5.6.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.4 - TOSHIBA)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
TOSHIBA Remote Control Manager (HKLM-x32\...\{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}) (Version: 3.0.1009.3 - TOSHIBA CORPORATION)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.2001 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.13 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.9 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\{0AF17224-CF88-40B8-BB1A-D179369847B4}) (Version: 2.1.0.2 - TOSHIBA Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.3.64WW2 - TOSHIBA Corporation)
TOSHIBA VIDEO PLAYER (HKLM\...\{27C3DB42-A9C1-4B44-A164-93849D160D12}) (Version: 5.3.49.124 - Toshiba Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.29 - TOSHIBA Corporation)
Toshiba Wireless HID driver (HKLM-x32\...\{A190562C-BD9C-49CD-8C52-944A5256062E}) (Version: 1.00.006 - TOSHIBA Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.9 - TOSHIBA)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VersaCheck Platinum 2007 (HKLM-x32\...\{7AA8968B-E188-4F38-A718-A954BE3DDBCE}) (Version: 9.0.17.1 - G7 Productivity Systems, Inc.)
VesselLog (HKLM-x32\...\{7A2C8626-8F9A-4E57-AC10-EBB1A261F849}) (Version: 1.02.5000 - Oso Software)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.8.1 - Nikon)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.11.13 - WildTangent) Hidden
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Phone Engineering Flashing Tool (HKLM\...\{47135C88-5123-46AF-B9AF-26F4287A6401}) (Version: 04.08.2134.00 - Microsoft Corporation)
WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.6.2015.18 - Ruiware)
WordPerfect Lightning - IPM (x32 Version: 1.0 - Corel Corporation) Hidden
WordPerfect Lightning - Messages (x32 Version: 1.0 - Corel Corporation) Hidden
WordPerfect Lightning - MSOM (x32 Version: 1.1 - Corel Corporation) Hidden
WordPerfect Lightning (x32 Version: 2.0 - Corel Corporation) Hidden
WordPerfect Office X5 - Common (x32 Version: 15.1 - Corel Corporation) Hidden
Wordperfect Office X5 - EN (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Filters (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Graphics (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - IPM (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - LegalTools (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Migration Manager (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Oxford (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - PerfectExperts EN (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - PR (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - QP (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Setup Files (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Sharepoint (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Skins (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - System EN (x32 Version: 15.0 - Corel Corporation) Hidden
WordPerfect Office X5 - Templates (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - WP (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - WT (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 (HKLM-x32\...\_{DE6DE4A1-0343-4DBE-9DC2-E667AA03F579}) (Version: 15.0.0.431 - Corel Corporation)
WordPerfect Office X5 (x32 Version: 15.1 - Corel Corporation) Hidden
Xmarks for IE (HKLM-x32\...\{F0FEA296-3D00-4B6F-A70B-B73F0F305EA2}) (Version: 127.0.176 - Xmarks)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Restore Points =========================

05-10-2015 16:42:49 Installed AVG 2016
05-10-2015 16:43:33 Installed AVG

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2015-09-05 01:38 - 00000856 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03D94218-A034-415D-BC28-DC730D07DC9A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {059F428C-6201-4480-B633-3154F47249AE} - System32\Tasks\START SKYDRIVE => C:\WINDOWS\System32\SkyDrive.exe
Task: {063A2B88-1EC7-4D8B-A198-E2CC7D444608} - System32\Tasks\{1FDA97D9-C5C7-4DC7-AEB6-BFF961B0B1CF} => pcalua.exe -a "C:\Program Files (x86)\Canon\MF Toolbox Ver4.9\Uninst.exe"
Task: {07BD9D02-0E91-4045-8B68-15CCCAB108B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-06-24] (Hewlett-Packard)
Task: {0AD34D34-373A-4E60-8A8F-56F7F42FB364} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {193B42C4-FF7D-4634-A3B2-7E2180FE033D} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2015-07-10] (Microsoft Corporation)
Task: {1F39C24D-3BD7-46C8-9CC6-1EE3360C8180} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-29] (Adobe Systems Incorporated)
Task: {207A6DA4-EA7A-47CD-AC97-D9C55101EDC2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {241B40A3-FEDE-4239-9474-59539C8668F9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {2668C326-4B35-4E0D-9E61-22BFD8B71169} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {26A082B9-B2A8-487D-A850-CCF48E1AFCAC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2395183170-2378603555-2842505502-1000Core => C:\Users\Tom\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-07] (Dropbox, Inc.)
Task: {2ABD43E7-9D0B-4057-8D84-BBD5B3338944} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {2C2B0FC0-0415-48E6-B8C8-797418A4162C} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {2DA97C99-AD05-42F0-9327-B7D3BB06E60D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3E3BB8C5-0434-4846-B370-A88E7A6820D4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {4F21BA03-688D-47F8-AFA1-8979196F443B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {5492D24F-EEBC-4598-B339-B17D4731580C} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {56F12978-AA2B-4E93-8122-2EDE98922D98} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {5AC9D130-7033-4AFC-8A4C-7068660D3377} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {62D75334-0429-4050-A1A9-9A4110E8072E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {651F15A4-0FEC-4447-B3BB-8A153534BA92} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {67E7D53B-4CC3-43BC-90B5-3D2FAC55DA68} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6C19620D-B929-4D97-AC88-38BD5C67604D} - System32\Tasks\HP AR Program Upload - a73ab8b3d315444f89a4ec6a229687b0b7927a66769946dc9b7edd3d8ae37e55 => C:\Program Files\HP\HP Officejet Pro 6830\bin\HPRewards.exe [2014-07-18] (TODO: <Company name>)
Task: {6D306FF6-D47B-443B-884C-5A267DC91B71} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7AC4C1A9-C836-4367-B543-5DB06BBF2EEE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\First Boot => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2015-07-11] (Hewlett-Packard Company)
Task: {7AD6A013-58A1-4AAD-A945-D399540B6586} - System32\Tasks\{137E5E92-1F2E-4FF6-A51C-1E3E08E6C9B7} => pcalua.exe -a C:\Users\Tom\Desktop\ToolBox_4911mf16_Win_EN\Setup.exe -d C:\Users\Tom\Desktop\ToolBox_4911mf16_Win_EN
Task: {7FFA5F5B-2F0F-4CEF-893E-8FE982E31A28} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {80012D4E-64AB-4A1C-9AB6-31C6AB5C1050} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {823384EE-1933-4ADD-B3B1-3FD9058E2DE2} - System32\Tasks\{F552A0C9-CDD4-489C-BB2E-775D5F13EB6C} => pcalua.exe -a D:\setup.exe -d D:\
Task: {82B51EF5-7466-4714-BB39-FEB35F628E4E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {82E24CC3-C7F7-4472-A507-477C801E4D7C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {86EB4252-1117-4DE6-BB01-FFE88C7CF533} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {8DE5FB7D-4110-4512-B5FF-B1AE064FBD84} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {995B9208-9A1D-4D01-AADE-6EAFD0ED667F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A350CF7A-7C8D-4B00-8DD3-06E7709D535C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A4BA8CDE-C519-48D2-B259-F7B9B87FEE47} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {A62ADFB8-C0D3-497B-85A8-A1CAAF0F6ADC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2395183170-2378603555-2842505502-1000UA => C:\Users\Tom\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-07] (Dropbox, Inc.)
Task: {A815EEE1-7439-4F95-8CA6-D6D3E53EC550} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {A9B40EC1-2387-4DCA-BDFF-D1F050CBBB3C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {A9FA280A-D96C-426F-B76C-2BBFD7C017E4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {AA6B5C00-DD2D-4741-969F-328387928864} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {AAF2F022-796B-44A1-A391-840A88AAC962} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {AFA6DD93-1AA6-4880-9843-36C2C73D7A92} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B47B6B1E-1461-4608-A375-D1CA8C2E7414} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B71BD0EA-ECD1-4AA3-97A9-E53BF9AE2DD6} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {C498B8B9-3E6F-4330-BDE0-271B76884A42} - System32\Tasks\HPCustParticipation HP Officejet Pro 6830 => C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPCustPartic.exe [2014-07-18] (Hewlett-Packard Development Company, LP)
Task: {CCB6E1C4-05D8-48C9-AB9A-E22B5BA0CFB3} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {D092317C-4C1F-4C08-8FDF-2BA7691D26BF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {D45F4065-CEEF-41C1-9D10-8937933E5545} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {DEA12AD2-7C36-47F4-92A5-788DB03B849B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {EE456DE2-194E-42AC-850B-59089279192E} - System32\Tasks\{C6C04AAB-D9B4-4ABD-82AC-952EA5296AA7} => pcalua.exe -a "C:\Users\Tom\Desktop\Printer Driver\ToolBox_4911mf16_Win_EN\Setup.exe" -d "C:\Users\Tom\Desktop\Printer Driver\ToolBox_4911mf16_Win_EN"
Task: {F477E358-C01E-4284-94D3-D3D17DFE8B9C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {FA2B30AF-C20C-481B-A38B-4DA7470AC239} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2395183170-2378603555-2842505502-1000Core.job => C:\Users\Tom\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2395183170-2378603555-2842505502-1000UA.job => C:\Users\Tom\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-10 04:00 - 2015-07-10 04:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-08-11 19:29 - 2015-08-11 19:29 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 11:03 - 2015-08-11 02:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2014-04-27 14:10 - 2014-04-27 14:10 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
2015-09-30 17:59 - 2015-09-16 23:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 17:59 - 2015-09-16 23:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-09-30 17:58 - 2015-09-16 22:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-09-30 17:59 - 2015-09-16 22:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-09-30 17:56 - 2015-09-16 22:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-09-30 17:58 - 2015-09-16 22:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-30 17:59 - 2015-09-16 22:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 04:00 - 2015-07-10 06:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2010-11-18 17:18 - 2010-11-18 17:18 - 11190784 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2010-12-15 15:19 - 2010-12-15 15:19 - 00124320 _____ () C:\Program Files\TOSHIBA\TECO\MUIHelp.dll
2011-06-09 21:09 - 2011-06-09 21:09 - 00079784 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2015-06-01 21:00 - 2015-08-12 22:08 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-04-27 14:10 - 2014-04-27 14:10 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\log4cplusU.dll
2015-10-06 17:29 - 2015-10-06 17:29 - 00098816 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\win32api.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00110080 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\pywintypes27.dll
2015-10-06 17:29 - 2015-10-06 17:29 - 00364544 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\pythoncom27.dll
2015-10-06 17:29 - 2015-10-06 17:29 - 00046080 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\_socket.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 01208320 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\_ssl.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00320512 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\win32com.shell.shell.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00776704 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\_hashlib.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 01176576 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\wx._core_.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00806400 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\wx._gdi_.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00816128 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\wx._windows_.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 01067008 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\wx._controls_.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00733184 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\wx._misc_.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00682496 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\pysqlite2._sqlite.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00088064 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\_ctypes.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00119808 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\win32file.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00108544 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\win32security.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00007168 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\hashobjs_ext.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00070144 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\usb_ext.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00167936 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\win32gui.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00018432 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\win32event.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00128512 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\_elementtree.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00127488 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\pyexpat.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00013824 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\common.time34.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00036864 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\_psutil_windows.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00038912 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\win32inet.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00011264 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\win32crypt.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00077312 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\wx._html2.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00027136 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\_multiprocessing.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00020480 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\_yappi.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00035840 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\win32process.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00686080 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\unicodedata.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00123392 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\wx._wizard.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00024064 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\win32pipe.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00010240 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\select.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00025600 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\win32pdh.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00525640 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\windows._lib_cacheinvalidation.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00017408 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\win32profile.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00022528 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\win32ts.pyd
2015-10-06 17:29 - 2015-10-06 17:29 - 00078848 _____ () C:\Users\Tom\AppData\Local\Temp\_MEI37642\wx._animate.pyd
2015-10-05 16:41 - 2015-10-05 16:41 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2014-06-27 15:36 - 2014-06-27 15:36 - 00107520 _____ () C:\PROGRAM FILES (X86)\XMARKS\IE EXTENSION\zlib1.dll
2015-09-29 22:54 - 2015-09-23 19:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-09-29 22:54 - 2015-09-23 19:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
2015-09-29 22:54 - 2015-09-23 19:34 - 16487752 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Tom\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Tom\Desktop\Bob.jpg:SummaryInformation
AlternateDataStreams: C:\Users\Tom\Desktop\Bob.jpg:Updt_SummaryInformation
AlternateDataStreams: C:\Users\Tom\Desktop\Bob.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Tom\Desktop\Cavity 1.jpg:SummaryInformation
AlternateDataStreams: C:\Users\Tom\Desktop\Cavity 1.jpg:Updt_SummaryInformation
AlternateDataStreams: C:\Users\Tom\Desktop\Cavity 1.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Tom\Desktop\Cavity 2.jpg:SummaryInformation
AlternateDataStreams: C:\Users\Tom\Desktop\Cavity 2.jpg:Updt_SummaryInformation
AlternateDataStreams: C:\Users\Tom\Desktop\Cavity 2.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Tom\Downloads\DW2.jpg:SummaryInformation
AlternateDataStreams: C:\Users\Tom\Downloads\DW2.jpg:Updt_SummaryInformation
AlternateDataStreams: C:\Users\Tom\Downloads\DW2.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Tom\Downloads\FW Catholic Coffee Morning In Rome.eml:OECustomProperty
AlternateDataStreams: C:\Users\Tom\Downloads\Fwd Best Selfie ever.eml:OECustomProperty
AlternateDataStreams: C:\Users\Tom\Downloads\Fwd Dating Memories.eml:OECustomProperty
AlternateDataStreams: C:\Users\Tom\Downloads\Fwd Man's fantasy (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\Tom\Downloads\Fwd Man's fantasy (2).eml:OECustomProperty
AlternateDataStreams: C:\Users\Tom\Downloads\Fwd Man's fantasy.eml:OECustomProperty
AlternateDataStreams: C:\Users\Tom\Downloads\Hurth rebuild.eml:OECustomProperty
AlternateDataStreams: C:\Users\Tom\Downloads\Pool 1.jpg:SummaryInformation
AlternateDataStreams: C:\Users\Tom\Downloads\Pool 1.jpg:Updt_SummaryInformation
AlternateDataStreams: C:\Users\Tom\Downloads\Pool 1.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tom\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\thunderball 7.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "vProt"
HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\StartupApproved\Run: => "9919C2326C0CBD6C8225179850E066432A2C85FF._service_run"
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F6A43803F41C0EE8AA9068339E55A010"
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\StartupApproved\Run: => "HP Officejet Pro 6830 (NET)"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{22F13FBC-47F9-460B-8B39-0E1CA7963CD0}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS010F\HPDiagnosticCoreUI.exe
FirewallRules: [{A5F0CE45-E7AE-4EEC-8169-84622CD1B5FA}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS010F\HPDiagnosticCoreUI.exe
FirewallRules: [{8B75CB1D-8CD1-4F71-ABFC-D9C903E5960F}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{39C4F690-F3F7-4F06-B012-823E14FB2EAF}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{30347C0A-8126-4C48-9900-9201DF70E34F}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{633681AB-B94B-442B-B004-2AEA64DC1501}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{379CF5E3-1EFD-43FD-A2E4-ABD8B7DF7F84}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{DF1E0079-6259-4571-A211-2411F59564DA}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{DBDBE194-D09D-467B-923F-B377C89BACF8}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS1D3E\HPDiagnosticCoreUI.exe
FirewallRules: [{3426872E-35E8-4218-8FC5-03ABA8219A88}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS1D3E\HPDiagnosticCoreUI.exe
FirewallRules: [{171372CD-012E-4415-AA0E-3E32ACD805C6}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS1D00\HPDiagnosticCoreUI.exe
FirewallRules: [{B0673230-CD76-452D-8EAE-4153D4D8040D}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS1D00\HPDiagnosticCoreUI.exe
FirewallRules: [{BD0F028A-6256-4E76-9B75-FC2DCB492396}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS40AA\HPDiagnosticCoreUI.exe
FirewallRules: [{3F555789-6F7B-44F1-B632-58717069BA30}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS40AA\HPDiagnosticCoreUI.exe
FirewallRules: [{8C97AD49-008C-4CC7-BEDC-D146D0F8145A}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS763B\HPDiagnosticCoreUI.exe
FirewallRules: [{16C7A288-1543-4FC3-9A60-5A8589CC87A0}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS763B\HPDiagnosticCoreUI.exe
FirewallRules: [{4EC70903-65B9-4071-A35E-9B3AEE6C7255}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS717F\HPDiagnosticCoreUI.exe
FirewallRules: [{B77EC497-A153-4690-A39C-DF7826DB3823}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS717F\HPDiagnosticCoreUI.exe
FirewallRules: [{83F61A6C-83A4-4F77-8635-DA9788D814DE}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS70C5\HPDiagnosticCoreUI.exe
FirewallRules: [{3B631803-DBB4-4934-87F9-B0041ADF697A}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS70C5\HPDiagnosticCoreUI.exe
FirewallRules: [{5354B881-56BF-41B1-B73B-0AB94DC07C0E}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS708B\HPDiagnosticCoreUI.exe
FirewallRules: [{9913B209-9284-471B-AE76-C7099E707E01}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS708B\HPDiagnosticCoreUI.exe
FirewallRules: [{F2F11E43-D3B3-424F-9178-BD95B5479415}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS0EB0\HPDiagnosticCoreUI.exe
FirewallRules: [{56BAD894-4296-4A9C-B232-A7B85B2DFBCB}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS0EB0\HPDiagnosticCoreUI.exe
FirewallRules: [{0C1421A8-C162-4A73-9B9B-518BAC5D4B7D}] => (Allow) LPort=26675
FirewallRules: [{FD1AF33E-55CE-4C83-8630-160C354EEE74}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{BF747F2E-B3A6-439C-BB67-8211AA6EDFE5}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{C9170C16-7EA9-4AD3-B509-1FD4B9A15EAF}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS5C1D\HPDiagnosticCoreUI.exe
FirewallRules: [{A3D34E91-3022-4CD1-9F75-35A3F191AAF0}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS5C1D\HPDiagnosticCoreUI.exe
FirewallRules: [{4175B015-973F-44DB-9B6C-A66318C1762A}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS48E2\HPDiagnosticCoreUI.exe
FirewallRules: [{F5EF40BE-20FE-40B2-A8AE-C02E16E155FA}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS48E2\HPDiagnosticCoreUI.exe
FirewallRules: [{4DD95162-8F7C-4565-A116-B6A0AC84B763}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS0B09\HPDiagnosticCoreUI.exe
FirewallRules: [{EA1B006C-3B88-42B3-B417-45E792E951B1}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS0B09\HPDiagnosticCoreUI.exe
FirewallRules: [{26E2EDE2-151D-496B-A63C-CB8573BC9CD0}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS3F77\HPDiagnosticCoreUI.exe
FirewallRules: [{6C680EBF-6259-48CA-A804-6E6A7455F49B}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS3F77\HPDiagnosticCoreUI.exe
FirewallRules: [{DF10A9D3-E6CD-4EE1-9DC5-1EC309DAD6F1}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS33B8\HPDiagnosticCoreUI.exe
FirewallRules: [{A5979010-A95C-4677-9B55-F18DE03DE5BE}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS33B8\HPDiagnosticCoreUI.exe
FirewallRules: [{1F53FFB4-86AC-4E7D-9485-CD36018F2D86}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS1C18\HPDiagnosticCoreUI.exe
FirewallRules: [{0B49D48E-3779-4663-90A4-1C958EF650D5}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS1C18\HPDiagnosticCoreUI.exe
FirewallRules: [{5E6597CD-CF20-4088-85A7-2A23563CEF26}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{CC74F88F-CECF-489B-8808-6D49EEF9AF40}] => (Allow) LPort=5357
FirewallRules: [{D5D2CB5B-F563-4267-99DA-4CB29EECFC1E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\Bin\DeviceSetup.exe
FirewallRules: [{8AA05DDD-9A82-43EE-B0BB-7E3CEE8263CA}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\SendAFax.exe
FirewallRules: [{96A071A9-643C-4FE0-A167-767A9D61CFA9}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\DigitalWizards.exe
FirewallRules: [{648BC6A5-9A71-4485-9AD9-5A06A87D2D6E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\FaxApplications.exe
FirewallRules: [{2772F598-3FA3-449D-AC5E-A01F593418A7}] => (Allow) C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4353DDFA-39FC-4B8F-B83A-6CF1D9A8C8F6}] => (Allow) C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{24E5F326-32DB-41C3-BC50-6270FC9F656E}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{EB1469D1-3425-4E61-BD81-7C23F9E7655F}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{4663A039-A918-4685-9F89-7B2DC5E59E3B}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{110F8F09-B795-4E18-8601-EDAF855F64AC}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{FB2BA749-83D8-47F8-ACAD-85E449E51F52}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{FAAC4BF9-0125-462E-93AB-F06AFAB37AE4}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{A1CBBA93-744F-4F2B-A0EC-FE768859C323}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{BD13DB9D-E607-479C-98B2-77767D280E05}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{11347CE2-0EEE-4FE1-97D0-6ECAEEBE2826}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{05187881-50DD-4B24-8D0A-B1DC6A0E8AC1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerCinema\Kernel\DMS\CLMSService.exe
FirewallRules: [{A30E54C2-FF0A-4DB3-84C9-3D9496A52C1D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerCinema\Kernel\DMP\CLBrowserEngine.exe
FirewallRules: [{4DCA5F35-5A11-4356-8F09-32EED13BAA05}] => (Allow) C:\Program Files (x86)\CyberLink\PowerCinema\PCMService.exe
FirewallRules: [{B2A81AFC-008E-4D98-8D0E-F3502F769487}] => (Allow) C:\Program Files (x86)\CyberLink\PowerCinema\PowerCinema.exe
FirewallRules: [{B3A2BCDE-85F5-4C80-AF5D-AAA369EFFE21}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{65772AA5-1492-4D50-B62D-342D2170CA85}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{7EF2027C-BC1B-4891-9BE3-9EBB31C2D0D4}] => (Allow) LPort=1900
FirewallRules: [{7B538319-96E3-4FE0-A5C8-028F16A68612}] => (Allow) LPort=2869
FirewallRules: [{1014BD7D-3480-43F8-B517-61100DCE988F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4DC63B66-19DD-4EEF-A990-7361E5737828}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{DB54F1B5-9B76-4FD6-A2DF-C80A96A7C43E}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
FirewallRules: [{10251F7B-9EA5-426E-9DA8-D02EFB067289}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
FirewallRules: [{AA65C126-B417-4AB1-A59A-1DAAC9BCF4AA}] => (Allow) LPort=7000
FirewallRules: [{40087D0B-AADF-4151-A81E-956A7D6BEB43}] => (Allow) LPort=7000
FirewallRules: [{42ECEC91-7FBC-4ADF-8D3B-71AC8BCE30BC}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [TCP Query User{3116646A-20EF-49D1-BBE2-4F70F878EEB0}C:\users\tom\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tom\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{DFB32837-BDB1-46F1-BEA0-2C0B0A585890}C:\users\tom\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tom\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{8FBAAF33-CCC2-429B-AAE7-9BB854FD28C5}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{71D14E7B-5A24-4E38-BBAF-482DE652A6F8}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{6CD1AE6C-C267-4AF5-92D6-52F34EEDEF98}] => (Allow) C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{730AE53B-511E-48BD-BB0D-A250C65F205A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{DD8D9B2D-8517-456D-B129-F374859B818E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{205E089A-2D80-43C2-8B60-5D7CAEF70870}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{13549FB7-3717-447E-AD66-1976199BAB1C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{20497D5B-8C1A-4C7C-880A-4AB906C09F8A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{3250C1A7-5C07-46CB-9A64-29B3D34B94AE}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{DB412C68-59A9-4240-87FE-8EC79DACD8B5}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{FD3A6970-7B99-448B-8585-A066C70FB7DA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{B563D9CD-A1B5-4176-A987-27D703AC5454}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS78F7\HPDiagnosticCoreUI.exe
FirewallRules: [{EAEBE1EC-9523-43CE-A270-E2DE5381D351}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS78F7\HPDiagnosticCoreUI.exe
FirewallRules: [{50599881-305E-43EB-9744-B7C7A7519620}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS0522\HPDiagnosticCoreUI.exe
FirewallRules: [{D5DF45DB-0592-42F1-9052-1ED08636BD8C}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS0522\HPDiagnosticCoreUI.exe
FirewallRules: [{B5F0FAF7-9EDF-440C-81A4-F6FB8A96F69D}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS0557\HPDiagnosticCoreUI.exe
FirewallRules: [{B9227C3B-B66E-47EB-B6F2-26044D06491A}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS0557\HPDiagnosticCoreUI.exe
FirewallRules: [{C3D253EB-59C1-4709-886C-C60234937387}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{041FDAEA-4F89-4A36-A2C5-CB34FA3CC4D7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{84614ACB-5D40-4196-B989-D14F5EDBFCB4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{D2FDE401-3FF4-422D-BFC7-210047A8DB88}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{2D100FBD-24E8-4228-9687-14AFFC49940B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{4E4AB9B3-FBC3-434E-B3EE-192C84EE7B5C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{EF8F4804-94E8-49AB-B4AA-33A372423168}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{9CB84EAC-1B79-4C7C-AE69-6645417D6D66}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{2C9CEB96-D50C-49FE-82D7-D315FCBA3D1E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/06/2015 05:30:18 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (10/06/2015 05:25:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Tom-PC)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023728 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/06/2015 05:24:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Tom-PC)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023728 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/06/2015 05:02:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Tom-PC)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023728 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/06/2015 04:53:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Tom-PC)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023728 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/06/2015 04:53:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Tom-PC)
Description: Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/06/2015 04:52:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Tom-PC)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/06/2015 04:52:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Tom-PC)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/06/2015 04:37:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Tom-PC)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023728 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/06/2015 04:26:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Tom-PC)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (10/06/2015 05:46:33 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: My Toshiba.

Error: (10/06/2015 05:45:47 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: Windows Camera.

Error: (10/06/2015 05:45:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: Microsoft Photos.

Error: (10/06/2015 05:43:00 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (10/06/2015 05:42:57 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (10/06/2015 05:41:57 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (10/06/2015 05:40:55 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (10/06/2015 05:39:54 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (10/06/2015 05:38:54 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (10/06/2015 05:37:54 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.


CodeIntegrity:
===================================
Date: 2015-08-11 19:47:26.425
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\athwbx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 43%
Total physical RAM: 8139.84 MB
Available physical RAM: 4558.5 MB
Total Virtual: 13896.84 MB
Available Virtual: 10619.24 MB

==================== Drives ================================

Drive c: (TI106328W0C) (Fixed) (Total:914.47 GB) (Free:723.44 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (KINGSTON) (Removable) (Total:3.77 GB) (Free:2.64 GB) FAT32
Drive f: (HP_RECOVERY) (Fixed) (Total:4.86 GB) (Free:0 GB) NTFS
Drive g: (Toshiba AIO) (Fixed) (Total:181.44 GB) (Free:160.65 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 2CC908DC)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=914.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=15.1 GB) - (Type=17)

========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 186.3 GB) (Disk ID: DD5BDD5B)
Partition 1: (Not Active) - (Size=4.9 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=181.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
yotboss
Active Member
 
Posts: 7
Joined: September 30th, 2015, 1:34 am
Top

Re: Sudden blank screen and sporadic slowdown - yikes!

Unread postby mAL_rEm018 » October 7th, 2015, 10:36 am

Hello yotboss,

Please answer the following questions..
  • Is this computer used for business purposes?
  • What OS did you have prior to installing Windows 10?


Backup your registry using TCRB
  • Download TCRB from the following link TCRB
  • Open Tweaking.com Registry Backup.
  • Click on the Backup Registry tab and ensure that all options are checked.
  • Press on Backup Now.
  • Wait until the backup is complete and exit the program.


SLMGR Windows Script Host - Win 10
  1. Open a search and enter Command into the search field.
  2. Click on Command Prompt or cmd.exe (whichever is found)
    This will open a Command Window ...
    1. Enter slmgr -dlv at the command prompt and press Enter
    2. After a few seconds a Windows Script Host window will open.
    3. Press Ctrl + C to copy the contents of that window.
  3. Open a search and enter Notepad into the search field.
  4. Click on Notepad or notepad.exe (whichever is found)
    This will open an empty Notepad file ...
  5. Press Ctrl + V to paste the contents of Windows Script Host into the empty Notepad file.
  6. Save the file to your Desktop, name it slmgr.txt..
  7. Please paste the contents of the slmgr.txt file in your next reply.


CKScanner
  • Please download CKScanner from Here
  • Save it to your Desktop.
  • Right-Click on CKScanner.exe and select Run as Administrator.
  • Select Search For Files
  • When the scan in finished, click on Save List To File.
  • Open CKFiles.txt on your desktop and post the contents in your next reply.
    Only run CKScanner.exe once.


-----------------------------------------
In your next reply, I would like to see..
  • Answer to my questions
  • slmgr.txt
  • CKFiles.txt
    Please post everything in the order given.
User avatar
mAL_rEm018
Admin/Teacher
Admin/Teacher
 
Posts: 2689
Joined: November 11th, 2013, 6:26 pm
Location: Saint-Petersburg, Russia
Top

Re: Sudden blank screen and sporadic slowdown - yikes!

Unread postby yotboss » October 7th, 2015, 1:00 pm

This computer is not used for business purposes.

Prior to upgrading to Windows 10, I believe I had Windows 8.1

I was able to perform the registry backup.

---------------------------
Windows Script Host
---------------------------
Software licensing service version: 10.0.10240.16384



Name: Windows(R), Professional edition

Description: Windows(R) Operating System, RETAIL channel

Activation ID: 4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c

Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f

Extended PID: 03612-03308-000-000000-00-1033-10240.0000-2232015

Product Key Channel: Retail

Installation ID: 732751185104969504360318858121381733114592985805037014146950001

Use License URL: https://activation-v2.sls.microsoft.com ... ion=Retail

Validation URL: https://validation-v2.sls.microsoft.com ... slwga.asmx

Partial Product Key: 3V66T

License Status: Licensed

Remaining Windows rearm count: 1001

Remaining SKU rearm count: 1001

Trusted time: 10/7/2015 9:50:33 AM




---------------------------
OK
---------------------------




CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\old computer\phone programs\garmin 2009 north america nt complete - repack by restrected\mobile device maps and gps crack\gmapsupp.unl
c:\old computer\phone programs\garmin 2009 north america nt complete - repack by restrected\mobile device maps and gps crack\sw.unl
c:\old computer\phone programs\garmin 2009 north america nt complete - repack by restrected\pc mapsource crack\all.bat
c:\old computer\phone programs\garmin 2009 north america nt complete - repack by restrected\pc mapsource crack\garminunlocker.exe
c:\old computer\phone programs\microsoft office mobile 6.1 full[h33t]masteruploader\all crackers keygeners and patch makers must read.nfo
c:\program files (x86)\chief architect inc\home designer 7.0\images\plants\~xfrogplants(tm)\trees\deciduous\salix fragilis (crack willow)\adult -- salix fragilis(h675).thm
c:\program files (x86)\chief architect inc\home designer 7.0\images\plants\~xfrogplants(tm)\trees\deciduous\salix fragilis (crack willow)\medium -- salix fragilis(h274).thm
c:\program files (x86)\chief architect inc\home designer 7.0\images\plants\~xfrogplants(tm)\trees\deciduous\salix fragilis (crack willow)\young -- salix fragilis(h156).thm
c:\users\tom\documents\carleton\wall cracks\thumbs.db
c:\users\tom\documents\carleton\wall cracks\zbthumbnail.info
c:\users\tom\documents\downloads\corel_paint_shop_pro_x2_12_00_retail___keygen__h33t___cazor_.torrent
c:\users\tom\documents\downloads\g7ps versacheck 2007 platinum with keygen.iso
c:\users\tom\documents\downloads\g7ps_versacheck_2007_platinum_with_keygen_iso.torrent
c:\users\tom\documents\downloads\corel paint shop pro x2 12.00 retail + keygen [h33t] [cazor]\corel paint shop pro x2 12.00 retail + keygen [h33t] [cazor].rar
c:\users\tom\documents\downloads\corel paint shop pro x2 12.00 retail + keygen [h33t] [cazor]\~utorrentpartfile_13b83285.dat
c:\users\tom\documents\downloads\garmin 2009 north america nt complete - repack by restrected\garmin 2009 north america nt complete - repack by restrected\mobile device maps and gps crack\gmapsupp.unl
c:\users\tom\documents\downloads\garmin 2009 north america nt complete - repack by restrected\garmin 2009 north america nt complete - repack by restrected\mobile device maps and gps crack\sw.unl
c:\users\tom\documents\downloads\garmin 2009 north america nt complete - repack by restrected\garmin 2009 north america nt complete - repack by restrected\pc mapsource crack\all.bat
c:\users\tom\documents\downloads\garmin 2009 north america nt complete - repack by restrected\garmin 2009 north america nt complete - repack by restrected\pc mapsource crack\garminunlocker.exe
c:\users\tom\documents\utilities\convertxtodvd 3.3.4.106e and keygen [1337x]\enjoy and please seed this torrent to help others.txt
c:\users\tom\documents\utilities\convertxtodvd 3.3.4.106e and keygen [1337x]\read me instructions.txt
c:\users\tom\documents\utilities\convertxtodvd 3.3.4.106e and keygen [1337x]\vsoconvertxtodvd3_setup.exe
c:\users\tom\favorites\boat parts\capt. tolley's creeping crack cure.url
scanner sequence 3.ZZ.11.LQNAWZ
----- EOF -----
yotboss
Active Member
 
Posts: 7
Joined: September 30th, 2015, 1:34 am
Top

Re: Sudden blank screen and sporadic slowdown - yikes!

Unread postby Gary R » October 8th, 2015, 12:58 am

Cracked - Illegal Software

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.
The section here explains why we bring this to your attention.

If you wish to receive help from us, you must remove any and all of the following from your computer:
  • Illegal software
  • Cracked software
  • illegal software key generators
Once the software and/or keygens have been removed, if you still need help, please start a new thread... include a link to your closed topic and include NEW DDS logs :
  • DDS.txt.
  • Attach.txt.
  • Details of the problems you're experiencing.
Wait for a new helper. Do not reply to your topic before a helper has replied.

This topic is now closed.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Top
Advertisement
Register to Remove
Topic locked
  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 123 guests

The teamDelete all board cookiesAll times are UTC - 5 hours [ DST ]

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware

Board index