View Full Version : Spybot and MSE Find Nothing But I get Pop Ups
bydavidrosen
2015-05-02, 21:12
Hey Everyone,
Just signed up to ask this... I've been getting these Chrome pop-ups that are impossible to close, I end up having to restart the computer or close Chrome from task manager (can't get into Chrome's tab manager because a dialog box pops up that has to be closed and just instantly reopens). All kinds of "your computer is infected" type of pop ups and "don't close this window!" type of stuff. It's a combination of tabs and popups ontop of the tabs. It happens at totally random times. This is a brand new computer, I have both Spybot and Microsoft Security Essentials running and up to date and doing scans. Neither has found any issues. I also have Malware Bytes that I use on occasion. Doesn't find anything either.
Any idea how I can identify what is clearly infecting my system?
Also, I have already tried erasing my Chrome user profile and starting a new one from scratch, but that didn't help (it seemed to for a couple days and then the pop ups started again).
Thanks
:snwelcome:
You need to read this
http://forums.spybot.info/showthread.php?288-quot-BEFORE-You-POST-quot-(Please-read-this-Procedure-Before-Requesting-Assistance)-Updated
http://i.imgur.com/1QYkxTZ.jpg Please download aswMBR (http://public.avast.com/~gmerek/aswMBR.exe) to your desktop.
Double click the aswMBR icon to run it.
Click the Scan button to start scan.
If you are asked to update the Avast Virus database please allow it to do so.
When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.
I just want to see the report....Please Do Not Fix Anything
============================================================================
Please download Farbar Recovery Scan Tool (http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/) and save it to your desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system
A simple way to check your system: Start --> Computer (right click) --> Properties
http://i24.photobucket.com/albums/c30/ken545/FRST_zps5d956a1a.jpg (http://s24.photobucket.com/user/ken545/media/FRST_zps5d956a1a.jpg.html)
Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
Please make sure All Users is checked
Just keep the defaults as in the picture checkmarked
Press Scan button.
It will produce a log called FRST.txt in the same directory the tool is run from.
Please copy and paste log back here.
The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
bydavidrosen
2015-05-03, 02:03
Thank you so much for taking a look into this for me. Here are my logs:
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-05-02 16:55:03
-----------------------------
16:55:03.158 OS Version: Windows x64 6.1.7601 Service Pack 1
16:55:03.158 Number of processors: 12 586 0x3F02
16:55:03.158 ComputerName: DAVIDROSENSTUDI UserName: PCAudioLabs DAW
16:55:03.488 Initialize success
16:55:14.634 VM: initialized successfully
16:55:14.634 VM: Intel CPU supported
16:55:20.780 VM: disk I/O iaStorA.sys
16:55:55.008 AVAST engine defs: 15050202
16:56:01.188 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000072
16:56:01.189 Disk 0 Vendor: KINGSTON 583A Size: 114473MB BusType: 11
16:56:01.190 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000073
16:56:01.191 Disk 1 Vendor: ST2000DM CC25 Size: 1907729MB BusType: 11
16:56:01.192 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000074
16:56:01.194 Disk 2 Vendor: Crucial_ MU01 Size: 976762MB BusType: 11
16:56:01.195 Disk 3 \Device\Harddisk3\DR3 -> \Device\Scsi\SI31321Port1Path0Target0Lun0
16:56:01.197 Disk 3 Vendor: TOSHIBA_ MX4O Size: 1907729MB BusType: 11
16:56:01.205 Disk 0 MBR read successfully
16:56:01.206 Disk 0 MBR scan
16:56:01.225 Disk 0 Windows 7 default MBR code
16:56:01.228 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 114472 MB offset 2048
16:56:01.230 Disk 0 default boot code
16:56:01.251 Disk 0 scanning C:\Windows\system32\drivers
16:56:05.250 Service scanning
16:56:15.970 Modules scanning
16:56:15.972 Disk 0 trace - called modules:
16:56:15.977 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
16:56:15.979 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa801a9a1790]
16:56:15.981 3 CLASSPNP.SYS[fffff88001d7243f] -> nt!IofCallDriver -> [0xfffffa801a8df880]
16:56:15.983 5 iaStorF.sys[fffff88001d0ef84] -> nt!IofCallDriver -> \Device\00000072[0xfffffa801a30b060]
16:56:16.290 AVAST engine scan C:\Windows
16:56:16.938 AVAST engine scan C:\Windows\system32
16:57:45.075 AVAST engine scan C:\Windows\system32\drivers
16:57:51.499 AVAST engine scan C:\Users\PCAudioLabs DAW
16:58:56.881 AVAST engine scan C:\ProgramData
16:59:56.001 Disk 0 statistics 4265704/0/0 @ 37.67 MB/s
16:59:56.016 Scan finished successfully
17:00:18.789 Disk 0 MBR has been saved successfully to "C:\Users\PCAudioLabs DAW\Documents\MBR.dat"
17:00:18.804 The log file has been saved successfully to "C:\Users\PCAudioLabs DAW\Documents\aswMBR.txt"
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015
Ran by PCAudioLabs DAW (administrator) on DAVIDROSENSTUDI on 02-05-2015 17:01:51
Running from F:\Downloads
Loaded Profiles: PCAudioLabs DAW (Available profiles: PCAudioLabs DAW)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Code 42 Software) C:\Program Files (x86)\CrashPlan\CrashPlanService.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Microsoft) C:\Program Files (x86)\Gigabyte\CloudStation\HomeCloud\GCloud.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\Gigabyte\Smart TimeLock\TimeMgmtDaemon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Code 42 Software, Inc.) C:\Program Files (x86)\CrashPlan\CrashPlanTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Dropbox, Inc.) C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Gigabyte Technology CO.) C:\Program Files\Gigabyte\SmartRecovery2\RPMDaemon.exe
(Microsoft) C:\Program Files (x86)\Gigabyte\CloudStation\HomeCloud\HCLOUD.exe
() C:\Program Files (x86)\Gigabyte\CloudStation\RemoteControl\grckm.exe
() C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\ubssrv_oc_only.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\Gigabyte\Smart TimeLock\AlarmClock.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) F:\Downloads\aswMBR.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7632088 2014-06-10] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [Thunderbolt] => C:\Program Files\Intel\Thunderbolt Software\Thunderbolt.exe [767944 2013-07-22] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-26] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\Gigabyte\SmartRecovery2\RPMKickstartEx.exe [2320384 2014-04-01] (TODO: <Company name>)
HKLM-x32\...\RunOnce: [EasyTune] => C:\Program Files (x86)\Gigabyte\EasyTune\etro.exe [5632 2014-08-18] (GIGA-BYTE TECHNOLOGY CO., LTD.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [785416 2015-02-17] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\Run: [Artisan 710(Network)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFSA.EXE [223232 2009-02-23] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\Run: [GoogleChromeAutoLaunch_5D2807729758A2B8E21918A1522A5522] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [866120 2015-04-27] (Google Inc.)
HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2015-01-28] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\MountPoints2: {30d84cf9-95e6-11e4-b827-806e6f6e6963} - D:\Run.exe
HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\MountPoints2: {3357bd1c-9f7a-11e4-bba7-806e6f6e6963} - notepad SeaToolsDOSguide.EN.txt
HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\MountPoints2: {7a709a47-7ad7-11e3-a677-806e6f6e6963} - D:\Launch.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk [2015-01-20]
ShortcutTarget: CrashPlan Tray.lnk -> C:\Program Files (x86)\CrashPlan\CrashPlanTray.exe (Code 42 Software, Inc.)
Startup: C:\Users\PCAudioLabs DAW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-01-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-866153256-604687578-3467628321-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pcaudiolabs.com/
HKU\S-1-5-21-866153256-604687578-3467628321-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-02] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-02] (Oracle Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-02] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2014-12-05] (Unity Technologies ApS)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-17] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
Chrome:
=======
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://www.google.com/ig", "hxxp://www.facebook.com/", "hxxp://mbox.pearlsent.com/mail.php?", "hxxp://mbox.bydavidrosen.com/mail.php?", "hxxp://www.google.com/"
CHR Profile: C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Context) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aalnjolghjkkogicompabhhbbkljnlka [2015-03-08]
CHR Extension: (Google Slides) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-08]
CHR Extension: (Entanglement Web App) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aciahcmjmecflokailenpkdchphgkefd [2015-03-08]
CHR Extension: (Angry Birds) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-03-08]
CHR Extension: (Google Docs) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-08]
CHR Extension: (Google Drive) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-08]
CHR Extension: (YouTube) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-08]
CHR Extension: (Google Cast) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-03-08]
CHR Extension: (Pushbullet) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2015-03-08]
CHR Extension: (Google Search) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-08]
CHR Extension: (Google Play Music) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-03-08]
CHR Extension: (Google Sheets) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-08]
CHR Extension: (Chrome Notepad) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp [2015-03-08]
CHR Extension: (Pdf4Kindle) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fghacdodjfjdcnikcifbjeaomhipabkb [2015-03-08]
CHR Extension: (Chrome Picross) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gjohhgoihaajipdgmhohakneklimnepm [2015-03-08]
CHR Extension: (Bookmark Manager) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-29]
CHR Extension: (Pin It Button) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-03-08]
CHR Extension: (Mailto:) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gppbppehiogfokmpligejhaepeopajdf [2015-03-08]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-03-08]
CHR Extension: (feedly) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2015-03-08]
CHR Extension: (Google Keep - notes and lists) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2015-03-08]
CHR Extension: (Pixlr Editor) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2015-03-08]
CHR Extension: (Dropbox) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-03-08]
CHR Extension: (HelloSign: Online signatures made easy) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kajjckmbclbffbpecfbiecehkfgopppd [2015-03-08]
CHR Extension: (Any.do Extension) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kdadialhpiikehpdeejjeiikopddkjem [2015-03-08]
CHR Extension: (Atari - Tempest) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kflkdjocancddgfnbhedkaefjdomdcaf [2015-03-08]
CHR Extension: (SparkChess 7) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2015-03-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-08]
CHR Extension: (AudioSauna) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae [2015-03-08]
CHR Extension: (Extensions Manager (aka Switcher)) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lpleipinonnoibneeejgjnoeekmbopbc [2015-03-08]
CHR Extension: (Poppit!) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2015-03-08]
CHR Extension: (Reload All Tabs) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\midkcinmplflbiflboepnahkboeonkam [2015-03-08]
CHR Extension: (Plants vs Zombies) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2015-03-16]
CHR Extension: (Save to Pocket) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-03-08]
CHR Extension: (Google Wallet) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-08]
CHR Extension: (Verbatim Search) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\occcfdnjdbgjglcbpolkmjnjillkgbcm [2015-03-08]
CHR Extension: (Gmail) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-08]
CHR Extension: (Canvas Rider) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\poknhlcknimnnbfcombaooklofipaibk [2015-03-08]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 CrashPlanService; C:\Program Files (x86)\CrashPlan\CrashPlanService.exe [156440 2014-11-20] (Code 42 Software)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16384 2014-04-16] () [File not signed]
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [517464 2015-01-28] (Garmin Ltd or its subsidiaries)
R2 GCloud; C:\Program Files (x86)\GIGABYTE\CloudStation\HomeCloud\GCloud.exe [19264 2014-06-18] (Microsoft)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-06-24] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-17] (Nitro PDF Software)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [175112 2015-02-17] (Sandboxie Holdings, LLC)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe [102400 2013-02-22] (Gigabyte Technology CO., LTD.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 asstor64; C:\Windows\System32\DRIVERS\asstor64.sys [77600 2014-03-26] (Asmedia Technology)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [487704 2014-03-13] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
R3 iLokDrvr; C:\Windows\System32\DRIVERS\iLokDrvr.sys [25808 2013-04-11] ()
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-05-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 NIWinCDEmu; C:\Windows\System32\DRIVERS\NIWinCDEmu.sys [112408 2015-01-19] ()
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [450048 2010-03-31] (Realtek Semiconductor Corporation )
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [237064 2015-02-17] (Sandboxie Holdings, LLC)
R3 Scarlett_UAC2Audio; C:\Windows\System32\DRIVERS\Scarlett_UAC2Audio.sys [93568 2014-10-02] (Focusrite Audio Engineering Limited.)
R0 SI3132; C:\Windows\System32\DRIVERS\SI3132.sys [90664 2007-10-03] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [22056 2007-10-03] (Silicon Image, Inc)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [17448 2007-10-03] (Silicon Image, Inc)
R3 synusb64; C:\Windows\System32\DRIVERS\synusb64.sys [30352 2009-06-26] (Steinberg Media Technologies GmbH)
U3 aswMBR; \??\C:\Users\PCAUDI~1\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\PCAUDI~1\AppData\Local\Temp\aswVmm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-02 17:01 - 2015-05-02 17:01 - 00000000 ____D () C:\FRST
2015-05-02 17:00 - 2015-05-02 17:00 - 00002535 _____ () C:\Users\PCAudioLabs DAW\Documents\aswMBR.txt
2015-05-02 17:00 - 2015-05-02 17:00 - 00000512 _____ () C:\Users\PCAudioLabs DAW\Documents\MBR.dat
2015-05-01 20:38 - 2015-05-01 20:38 - 00000000 ____D () C:\Program Files (x86)\steinberg
2015-05-01 18:33 - 2015-05-01 20:41 - 00000000 ____D () C:\ProgramData\Solid State Networks
2015-05-01 18:26 - 2015-05-02 11:16 - 00000280 _____ () C:\Windows\setupact.log
2015-05-01 18:26 - 2015-05-01 18:26 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-01 18:19 - 2015-05-02 11:16 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2015-05-01 18:19 - 2015-05-01 18:19 - 00006489 _____ () C:\Windows\system32\lvcoinst.log
2015-05-01 18:19 - 2015-05-01 18:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-01 18:19 - 2015-05-01 18:19 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-01 18:19 - 2015-05-01 18:19 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2015-05-01 18:19 - 2015-05-01 18:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-01 18:18 - 2015-03-13 20:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-01 18:18 - 2015-03-13 20:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-05-01 18:18 - 2015-03-13 20:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-01 18:18 - 2015-03-13 20:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-05-01 18:18 - 2015-03-03 21:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-01 18:18 - 2015-03-03 21:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-01 18:18 - 2015-03-03 21:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-01 18:18 - 2015-03-03 21:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-01 18:18 - 2015-03-03 21:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-01 18:18 - 2015-03-03 21:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-01 18:18 - 2015-03-03 21:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-01 18:18 - 2015-02-18 00:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-01 18:18 - 2015-02-18 00:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-01 18:18 - 2015-01-28 20:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-01 18:18 - 2015-01-28 20:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-04-30 00:01 - 2015-04-30 00:01 - 00023200 _____ (Western Digital Technologies) C:\Windows\system32\Drivers\wdcsam64.sys
2015-04-29 14:42 - 2015-04-29 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbolt(TM) Software
2015-04-28 17:12 - 2015-04-28 17:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-28 17:12 - 2015-04-28 17:12 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-28 11:35 - 2015-04-01 17:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-28 11:35 - 2015-04-01 16:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-28 11:35 - 2015-03-24 20:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-28 11:35 - 2015-03-24 20:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-28 11:35 - 2015-03-24 20:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-28 11:35 - 2015-03-24 20:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-28 11:35 - 2015-03-24 20:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-28 11:35 - 2015-03-24 20:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-28 11:35 - 2015-03-24 20:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-28 11:35 - 2015-03-24 20:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-28 11:35 - 2015-03-24 20:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-28 11:35 - 2015-03-24 20:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-28 11:35 - 2015-03-24 20:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-28 11:35 - 2015-03-24 20:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-28 11:35 - 2015-03-24 20:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-28 11:35 - 2015-03-24 20:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-28 11:35 - 2015-03-24 20:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-28 11:35 - 2015-03-24 20:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-28 11:35 - 2015-03-22 20:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-28 11:35 - 2015-03-22 20:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-28 11:35 - 2015-03-22 20:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-28 11:35 - 2015-03-22 20:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-28 11:35 - 2015-03-22 20:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-28 11:35 - 2015-03-22 20:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-28 11:35 - 2015-03-22 20:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-28 11:35 - 2015-03-22 20:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-28 11:35 - 2015-03-16 22:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-28 11:35 - 2015-03-16 22:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-28 11:35 - 2015-03-16 22:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-28 11:35 - 2015-03-16 22:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-28 11:35 - 2015-03-16 22:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-28 11:35 - 2015-03-16 22:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-28 11:35 - 2015-03-16 22:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-28 11:35 - 2015-03-16 22:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-28 11:35 - 2015-03-16 22:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-28 11:35 - 2015-03-16 22:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-28 11:35 - 2015-03-16 22:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-28 11:35 - 2015-03-16 22:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-28 11:35 - 2015-03-16 22:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-28 11:35 - 2015-03-16 22:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-28 11:35 - 2015-03-16 22:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-28 11:35 - 2015-03-16 21:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-28 11:35 - 2015-03-16 21:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-28 11:35 - 2015-03-16 21:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-28 11:35 - 2015-03-16 21:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-28 11:35 - 2015-03-16 21:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-28 11:35 - 2015-03-16 21:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-28 11:35 - 2015-03-16 21:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-28 11:35 - 2015-03-16 21:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-28 11:35 - 2015-03-16 21:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-28 11:35 - 2015-03-16 21:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-28 11:35 - 2015-03-16 21:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-28 11:35 - 2015-03-16 21:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-28 11:35 - 2015-03-16 21:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-28 11:35 - 2015-03-16 21:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-28 11:35 - 2015-03-16 21:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-28 11:35 - 2015-03-16 21:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-28 11:35 - 2015-03-16 21:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-28 11:35 - 2015-03-16 21:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-28 11:35 - 2015-03-16 21:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 20:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-28 11:35 - 2015-03-16 20:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-28 11:35 - 2015-03-16 20:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 20:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 20:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 20:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-28 11:35 - 2015-03-12 21:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-28 11:35 - 2015-03-12 21:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-28 11:35 - 2015-03-12 21:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-28 11:35 - 2015-03-12 21:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-28 11:35 - 2015-03-12 21:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-28 11:35 - 2015-03-12 21:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-28 11:35 - 2015-03-12 21:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-28 11:35 - 2015-03-12 21:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-28 11:35 - 2015-03-12 21:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-28 11:35 - 2015-03-12 21:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-28 11:35 - 2015-03-12 20:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-28 11:35 - 2015-03-12 20:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-28 11:35 - 2015-03-12 20:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-28 11:35 - 2015-03-12 20:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-28 11:35 - 2015-03-12 20:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-28 11:35 - 2015-03-12 20:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-28 11:35 - 2015-03-12 20:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-28 11:35 - 2015-03-12 20:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-28 11:35 - 2015-03-12 20:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-28 11:35 - 2015-03-12 20:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-28 11:35 - 2015-03-12 20:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-28 11:35 - 2015-03-12 20:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-28 11:35 - 2015-03-12 20:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-28 11:35 - 2015-03-12 20:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-28 11:35 - 2015-03-12 20:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-28 11:35 - 2015-03-12 20:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-28 11:35 - 2015-03-12 20:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-28 11:35 - 2015-03-12 20:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-28 11:35 - 2015-03-12 20:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-28 11:35 - 2015-03-12 20:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-28 11:35 - 2015-03-12 20:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-28 11:35 - 2015-03-12 20:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-28 11:35 - 2015-03-12 20:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-28 11:35 - 2015-03-12 20:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-28 11:35 - 2015-03-12 20:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-28 11:35 - 2015-03-12 20:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-28 11:35 - 2015-03-12 20:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-28 11:35 - 2015-03-12 20:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-28 11:35 - 2015-03-12 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-28 11:35 - 2015-03-12 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-28 11:35 - 2015-03-12 20:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-28 11:35 - 2015-03-12 20:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-28 11:35 - 2015-03-12 19:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-28 11:35 - 2015-03-12 19:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-28 11:35 - 2015-03-12 19:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-28 11:35 - 2015-03-12 19:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-28 11:35 - 2015-03-12 19:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-28 11:35 - 2015-03-12 19:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-28 11:35 - 2015-03-12 19:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-28 11:35 - 2015-03-12 19:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-28 11:35 - 2015-03-12 19:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-28 11:35 - 2015-03-12 19:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-28 11:35 - 2015-03-12 19:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-28 11:35 - 2015-03-12 19:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-28 11:35 - 2015-03-12 19:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-28 11:35 - 2015-03-12 19:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-28 11:35 - 2015-03-09 20:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-28 11:35 - 2015-03-09 20:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-28 11:35 - 2015-03-09 20:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-28 11:35 - 2015-03-09 20:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-28 11:35 - 2015-03-04 22:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-28 11:35 - 2015-03-04 21:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-28 11:35 - 2015-02-24 20:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-28 11:35 - 2015-01-27 16:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-04-28 11:32 - 2015-03-03 21:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-28 11:32 - 2015-03-03 21:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-28 11:32 - 2015-03-03 21:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-28 10:24 - 2015-04-28 10:24 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-28 10:24 - 2015-04-28 10:24 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-06 19:39 - 2015-04-07 09:49 - 00000000 ____D () C:\Program Files (x86)\ProjectSAM Downloader
2015-04-06 19:39 - 2015-04-06 19:39 - 00001209 _____ () C:\Users\Public\Desktop\ProjectSAM Downloader.lnk
2015-04-06 19:39 - 2015-04-06 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProjectSAM Downloader
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-02 16:56 - 2015-01-21 20:18 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-02 16:53 - 2015-01-18 10:14 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-02 15:57 - 2015-01-20 21:35 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-02 14:32 - 2009-07-13 22:13 - 00783606 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-02 13:31 - 2015-03-08 16:22 - 00045062 _____ () C:\Windows\WindowsUpdate.log
2015-05-02 11:24 - 2009-07-13 21:45 - 00022096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-02 11:24 - 2009-07-13 21:45 - 00022096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-02 11:23 - 2015-01-27 19:00 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-02 11:22 - 2015-01-27 19:00 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-05-02 11:22 - 2015-01-27 19:00 - 00000000 ____D () C:\Program Files\Java
2015-05-02 11:18 - 2015-01-18 18:28 - 00006469 _____ () C:\Windows\SysWOW64\Gms.log
2015-05-02 11:17 - 2015-01-18 18:40 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys
2015-05-02 11:16 - 2015-01-18 22:31 - 00000000 ____D () C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox
2015-05-02 11:16 - 2015-01-18 18:39 - 00026192 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2015-05-02 11:16 - 2015-01-18 10:14 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-02 11:16 - 2015-01-13 23:22 - 00000000 ____D () C:\Windows\Minidump
2015-05-02 11:16 - 2014-01-11 08:46 - 00295124 ____N () C:\Windows\Minidump\050215-21044-01.dmp
2015-05-02 11:16 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-02 02:00 - 2015-02-09 19:47 - 00000000 ____D () C:\Users\PCAudioLabs DAW\AppData\Local\Adobe
2015-05-01 23:33 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2015-05-01 21:40 - 2015-01-18 20:55 - 00000000 ____D () C:\Users\PCAudioLabs DAW\AppData\Local\Spectrasonics
2015-05-01 20:51 - 2015-01-18 19:31 - 00000000 ____D () C:\ProgramData\Spectrasonics
2015-05-01 20:49 - 2015-01-18 21:12 - 00000000 ____D () C:\Users\PCAudioLabs DAW\AppData\Roaming\Waves Audio
2015-05-01 20:08 - 2015-01-18 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves
2015-05-01 18:25 - 2014-01-11 09:13 - 00000000 ____D () C:\Users\PCAudioLabs DAW\AppData\Roaming\TeamViewer
2015-05-01 18:22 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-01 18:16 - 2015-01-18 22:31 - 00001011 _____ () C:\Users\PCAudioLabs DAW\Desktop\Dropbox.lnk
2015-05-01 18:16 - 2015-01-18 22:31 - 00000000 ____D () C:\Users\PCAudioLabs DAW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-29 14:43 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-29 14:42 - 2015-01-18 10:15 - 00000000 ____D () C:\Program Files\Intel
2015-04-28 17:01 - 2014-01-10 18:41 - 00775692 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-28 17:00 - 2014-01-10 17:52 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-28 16:57 - 2014-01-10 17:52 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-28 15:54 - 2015-01-18 10:14 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-28 11:57 - 2015-01-21 20:18 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-28 11:57 - 2015-01-21 20:18 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-28 11:57 - 2015-01-21 20:18 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-28 10:18 - 2015-01-20 21:36 - 00001634 _____ () C:\Windows\Sandboxie.ini
2015-04-07 10:09 - 2014-01-11 08:46 - 01392504 _____ () C:\DUMP2606.tmp
2015-04-06 19:08 - 2015-01-21 21:22 - 00001927 _____ () C:\Users\Public\Desktop\SONAR Platinum.lnk
2015-04-06 19:08 - 2015-01-20 22:08 - 00000842 _____ () C:\Users\Public\Desktop\Speccy.lnk
2015-04-06 19:08 - 2015-01-20 21:36 - 00001004 _____ () C:\Users\PCAudioLabs DAW\Desktop\Sandboxed Web Browser.lnk
2015-04-06 19:08 - 2015-01-18 21:02 - 00001047 _____ () C:\Users\Public\Desktop\Z3TA+ 2_x64.lnk
2015-04-06 19:08 - 2015-01-18 19:15 - 00001123 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2015-04-06 19:08 - 2015-01-18 19:14 - 00000868 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-06 19:08 - 2015-01-18 19:12 - 00001016 _____ () C:\Users\PCAudioLabs DAW\Desktop\BREVERB 2.lnk
2015-04-06 19:08 - 2015-01-18 19:08 - 00001112 _____ () C:\Users\Public\Desktop\Dimension Pro x64.lnk
2015-04-06 19:08 - 2015-01-18 18:55 - 00001140 _____ () C:\Users\Public\Desktop\Rapture x64.lnk
2015-04-06 19:08 - 2015-01-18 18:53 - 00001954 _____ () C:\Users\Public\Desktop\SONAR X3 Producer (x64).lnk
==================== Files in the root of some directories =======
2015-01-18 19:10 - 2015-01-18 19:10 - 0297203 _____ () C:\Program Files (x86)\unins000.dat
2015-01-18 19:10 - 2015-01-18 19:10 - 0722680 _____ () C:\Program Files (x86)\unins000.exe
2015-01-18 19:32 - 2015-01-18 21:54 - 0005982 _____ () C:\Program Files (x86)\unins001.dat
2015-01-18 21:54 - 2015-01-18 21:54 - 0718497 _____ () C:\Program Files (x86)\unins001.exe
2015-03-03 09:49 - 2015-03-03 09:49 - 0000132 _____ () C:\Users\PCAudioLabs DAW\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-02-12 10:54 - 2015-02-15 10:38 - 0000016 _____ () C:\Users\PCAudioLabs DAW\AppData\Roaming\msregsvv.dll
2015-02-16 10:23 - 2015-03-07 09:55 - 0001456 _____ () C:\Users\PCAudioLabs DAW\AppData\Local\Adobe Save for Web 12.0 Prefs
2015-02-12 10:54 - 2015-02-15 10:38 - 0000016 _____ () C:\ProgramData\autobk.inc
2015-01-18 18:23 - 2015-01-18 18:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\PCAudioLabs DAW\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmm_txx.dll
C:\Users\PCAudioLabs DAW\AppData\Local\Temp\jre-8u45-windows-au.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-28 12:18
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015
Ran by PCAudioLabs DAW at 2015-05-02 17:02:06
Running from F:\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-866153256-604687578-3467628321-500 - Administrator - Disabled)
Guest (S-1-5-21-866153256-604687578-3467628321-501 - Limited - Disabled)
PCAudioLabs DAW (S-1-5-21-866153256-604687578-3467628321-1000 - Administrator - Enabled) => C:\Users\PCAudioLabs DAW
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
@BIOS B14.0730.1 (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE)
@BIOS B14.0730.1 (x32 Version: 3.00.0000 - GIGABYTE) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
8DioDownloader (HKLM-x32\...\{B5D46C5B-EAAF-4C73-9DA6-38189DE97C85}) (Version: 0.0.21 - 8Dio Productions)
AAS - Angelicals (HKLM-x32\...\Angelicals) (Version: - Applied Acoustics Systems)
AAS - Cardinals (HKLM-x32\...\Cardinals) (Version: - Applied Acoustics Systems)
AAS - Chromaphone (HKLM-x32\...\Chromaphone) (Version: - Applied Acoustics Systems)
AAS - Cinematheque (HKLM-x32\...\Cinematheque) (Version: - Applied Acoustics Systems)
AAS - Lounge Lizard EP-4 (HKLM-x32\...\Lounge Lizard EP-4) (Version: - Applied Acoustics Systems)
AAS - Microsound Textures (HKLM-x32\...\Microsound Textures) (Version: - Applied Acoustics Systems)
AAS - Ultra Analog VA-2 (HKLM-x32\...\Ultra Analog VA-2) (Version: - Applied Acoustics Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
APP Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.14.1205 - Gigabyte)
APP Center (x32 Version: 1.14.1205 - Gigabyte) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 2.0.9.0001 - Asmedia Technology)
Authorization Wizard Update 2.1 (HKLM-x32\...\{40AFBF62-AB70-49F5-B0FF-D92EA8BD4833}) (Version: 2.1 - EastWest Sounds, Inc)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BREVERB 2 (HKLM\...\{E23574BD-9C5E-40EE-876A-02BA6BDE63EF}_is1) (Version: 2.1.8 - Overloud)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.5.1 - Broadcom Corporation)
BUSB (HKLM-x32\...\{0AADC50C-C4F8-49A7-8699-AFE46875CA67}) (Version: 1.14.0819.1 - GIGABYTE)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.77.0.2015 - Georgy Berdyshev)
Cloud Station Server (HKLM-x32\...\InstallShield_{41B20CB6-32EE-468B-982C-4864E2135BD0}) (Version: 1.00.1408.1401 - GIGABYTE)
Cloud Station Server (x32 Version: 1.00.1408.1401 - GIGABYTE) Hidden
Command Center (HKLM-x32\...\{B5C98C54-097A-4B4C-8189-FEF1C79F3638}_is1) (Version: 1.0.1.22820 - Cakewalk Music Software)
Connect (HKLM-x32\...\Connect 2.2.2) (Version: 2.2.2 - Continuata)
CrashPlan (HKLM-x32\...\{F5DF8435-7822-4D0C-88A9-604EC76D0B06}) (Version: 3.7.0 - Code 42 Software)
Dimension Pro 1.5 (HKLM-x32\...\DimensionPro_x64_is1) (Version: 18.0 - Cakewalk Music Software)
Dimension Pro Free Expansion Packs 1-3 (HKLM-x32\...\Dimension Pro Free Expansion Packs 1-3_is1) (Version: 1.0 - Cakewalk)
Dropbox (HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\Dropbox) (Version: 3.4.5 - Dropbox, Inc.)
Drum Weapons 2.01 (HKLM-x32\...\Drum Weapons 2.01) (Version: - )
Drum Weapons 3 VSTi - 64 Bit (HKLM-x32\...\{F41C33E6-92A2-4092-A2EA-238FA71FCE14}) (Version: 3.0.2 - Music Weapons)
DVD Architect Pro 6.0 (HKLM-x32\...\{E0E531A2-17C1-11E2-984D-1040F3E7010F}) (Version: 6.0.237 - Sony)
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.00.0002 - GIGABYTE)
EasyTune (x32 Version: 1.00.0002 - GIGABYTE) Hidden
Elevated Installer (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: - Steinberg Media Technologies GmbH)
EPSON Artisan 710 Series Printer Uninstall (HKLM\...\EPSON Artisan 710 Series) (Version: - SEIKO EPSON Corporation)
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet Setup (HKLM-x32\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION)
EWQL Symphonic Choirs (HKLM\...\{BFDBD40C-F650-4847-8EE4-7E083DF4577D}) (Version: 1.2.0 - EastWest Sounds, Inc.)
EZSetup B14.0709.1 (HKLM-x32\...\InstallShield_{9EAB60B6-70FE-4EC7-8DF4-54773E4EAC05}) (Version: 1.00.0000 - GIGABYTE)
EZSetup B14.0709.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Fast Boot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.00.0000 - GIGABYTE)
Fast Boot (x32 Version: 1.00.0000 - GIGABYTE) Hidden
FileZilla Client 3.10.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.0.2 - Tim Kosse)
Focusrite Scarlett Family Audio Driver 3.1.10 (HKLM\...\Focusrite Scarlett Family Audio Driver_is1) (Version: 3.1.10 - Focusrite Audio Engineering Limited.)
Garmin Express (HKLM-x32\...\{714dc1e5-69a4-4ecd-9552-93397e084298}) (Version: 3.2.29.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Drive (HKLM-x32\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
IK Multimedia Authorization Manager version 1.0.11 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.11 - IK Multimedia)
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Intel(R) Chipset Device Software (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1048 - Intel Corporation)
Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation)
iZotope BreakTweaker (HKLM-x32\...\iZotope BreakTweaker_is1) (Version: 1.01 - iZotope, Inc.)
iZotope BreakTweaker Factory Content (HKLM-x32\...\iZotope BreakTweaker Factory Content_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Nectar Elements (HKLM-x32\...\iZotope Nectar Elements_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Ozone 5 (HKLM-x32\...\iZotope Ozone 5_is1) (Version: 5.05 - iZotope, Inc.)
iZotope Ozone 6 (HKLM-x32\...\iZotope Ozone 6_is1) (Version: 6.01 - iZotope, Inc.)
iZotope Ozone 6 Advanced (HKLM-x32\...\iZotope Ozone 6 Advanced_is1) (Version: 6.01 - iZotope, Inc.)
iZotope Stutter Edit (HKLM-x32\...\iZotope Stutter Edit_is1) (Version: 1.05 - iZotope, Inc.)
iZotope Trash 2 (HKLM-x32\...\iZotope Trash 2_is1) (Version: 2.03 - iZotope, Inc.)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Melodyne Runtime 4.1 (x64) (HKLM\...\{53EE2829-E9DB-4913-B3EA-96F10F84E98B}) (Version: 1.0.1 - Celemony Software GmbH)
Melodyne singletrack (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 2.01.0202 - Celemony Software GmbH)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{D553E8CC-5C56-4B06-AC1A-A443DFF31092}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
NationWide_Disc Master Uploader App (HKLM-x32\...\NationWide_Disc Master Uploader App) (Version: - Sonoris Audio Engineering)
Native Instruments Abbey Road 60s Drummer (HKLM-x32\...\Native Instruments Abbey Road 60s Drummer) (Version: 1.3.0.11 - Native Instruments)
Native Instruments Abbey Road 70s Drummer (HKLM-x32\...\Native Instruments Abbey Road 70s Drummer) (Version: 1.3.0.7 - Native Instruments)
Native Instruments Abbey Road 80s Drummer (HKLM-x32\...\Native Instruments Abbey Road 80s Drummer) (Version: 1.3.0.4 - Native Instruments)
Native Instruments Abbey Road Modern Drummer (HKLM-x32\...\Native Instruments Abbey Road Modern Drummer) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Abbey Road Vintage Drummer (HKLM-x32\...\Native Instruments Abbey Road Vintage Drummer) (Version: 1.3.0.9 - Native Instruments)
Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version: 5.2.1.1307 - Native Instruments)
Native Instruments Action Strings (HKLM-x32\...\Native Instruments Action Strings) (Version: - Native Instruments)
Native Instruments Alicias Keys (HKLM-x32\...\Native Instruments Alicias Keys) (Version: 1.5.0.1 - Native Instruments)
Native Instruments Balinese Gamelan (HKLM-x32\...\Native Instruments Balinese Gamelan) (Version: 1.2.0.5 - Native Instruments)
Native Instruments Battery 4 (HKLM-x32\...\Native Instruments Battery 4) (Version: 4.1.4.126 - Native Instruments)
Native Instruments Battery 4 Factory Library (HKLM-x32\...\Native Instruments Battery 4 Factory Library) (Version: 1.0.1.003 - Native Instruments)
Native Instruments Berlin Concert Grand (HKLM-x32\...\Native Instruments Berlin Concert Grand) (Version: - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.7.4.199 - Native Instruments)
Native Instruments Cuba (HKLM-x32\...\Native Instruments Cuba) (Version: 1.2.0.1 - Native Instruments)
Native Instruments Damage (HKLM-x32\...\Native Instruments Damage) (Version: 1.4.0.9 - Native Instruments)
Native Instruments Driver (HKLM-x32\...\Native Instruments Driver) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Enhanced EQ (HKLM-x32\...\Native Instruments Enhanced EQ) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Evolve Mutations (HKLM-x32\...\Native Instruments Evolve Mutations) (Version: - Native Instruments)
Native Instruments Evolve Mutations 2 (HKLM-x32\...\Native Instruments Evolve Mutations 2) (Version: - Native Instruments)
Native Instruments Evolve R2 (HKLM-x32\...\Native Instruments Evolve R2) (Version: 1.6.0.2 - Native Instruments)
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: 1.3.2.1362 - Native Instruments)
Native Instruments George Duke Soul Treasures (HKLM-x32\...\Native Instruments George Duke Soul Treasures) (Version: 1.3.0.15 - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.0.2770 - Native Instruments)
Native Instruments Guitar Rig Mobile IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Mobile IO Driver) (Version: - Native Instruments)
Native Instruments Guitar Rig Pro Library for Maschine (HKLM-x32\...\Native Instruments Guitar Rig Pro Library for Maschine) (Version: - Native Instruments)
Native Instruments Guitar Rig Session IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Session IO Driver) (Version: - Native Instruments)
Native Instruments Komplete 9 Ultimate (HKLM-x32\...\Native Instruments Komplete 9 Ultimate) (Version: - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.4.2.245 - Native Instruments)
Native Instruments Kontakt Factory Library (HKLM-x32\...\Native Instruments Kontakt Factory Library) (Version: 1.1.0.6 - Native Instruments)
Native Instruments Kore Player (HKLM-x32\...\Native Instruments Kore Player) (Version: - Native Instruments)
Native Instruments Maschine Drum Selection (HKLM-x32\...\Native Instruments Maschine Drum Selection) (Version: - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.4.2.419 - Native Instruments)
Native Instruments Monark (HKLM-x32\...\Native Instruments Monark) (Version: 1.3.0.2 - Native Instruments)
Native Instruments New York Concert Grand (HKLM-x32\...\Native Instruments New York Concert Grand) (Version: - Native Instruments)
Native Instruments Paranormal Spectrums (HKLM-x32\...\Native Instruments Paranormal Spectrums) (Version: - Native Instruments)
Native Instruments Passive EQ (HKLM-x32\...\Native Instruments Passive EQ) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Rammfire (HKLM-x32\...\Native Instruments Rammfire) (Version: 2.0.0.4 - Native Instruments)
Native Instruments Rammfire for Maschine (HKLM-x32\...\Native Instruments Rammfire for Maschine) (Version: - Native Instruments)
Native Instruments Razor (HKLM-x32\...\Native Instruments Razor) (Version: 1.7.0.1 - Native Instruments)
Native Instruments RC 24 (HKLM-x32\...\Native Instruments RC 24) (Version: 1.1.1.427 - Native Instruments)
Native Instruments RC 48 (HKLM-x32\...\Native Instruments RC 48) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.2.1074 - Native Instruments)
Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version: 1.6.0.1 - Native Instruments)
Native Instruments Reaktor Spark R2 (HKLM-x32\...\Native Instruments Reaktor Spark R2) (Version: 1.4.0.3 - Native Instruments)
Native Instruments Reflektor (HKLM-x32\...\Native Instruments Reflektor) (Version: 2.0.0.1 - Native Instruments)
Native Instruments Reflektor for Maschine (HKLM-x32\...\Native Instruments Reflektor for Maschine) (Version: - Native Instruments)
Native Instruments Replika (HKLM-x32\...\Native Instruments Replika) (Version: 1.2.0.699 - Native Instruments)
Native Instruments Retro Machines Mk2 (HKLM-x32\...\Native Instruments Retro Machines Mk2) (Version: 1.3.0.3 - Native Instruments)
Native Instruments Rig Kontrol 3 Driver (HKLM-x32\...\Native Instruments Rig Kontrol 3 Driver) (Version: - Native Instruments)
Native Instruments Rise and Hit (HKLM-x32\...\Native Instruments Rise and Hit) (Version: 1.0.0.8 - Native Instruments)
Native Instruments Scarbee Funk Guitarist (HKLM-x32\...\Native Instruments Scarbee Funk Guitarist) (Version: - Native Instruments)
Native Instruments Scarbee Jay-Bass (HKLM-x32\...\Native Instruments Scarbee Jay-Bass) (Version: - Native Instruments)
Native Instruments Scarbee MM-Bass (HKLM-x32\...\Native Instruments Scarbee MM-Bass) (Version: - Native Instruments)
Native Instruments Scarbee MM-Bass Amped (HKLM-x32\...\Native Instruments Scarbee MM-Bass Amped) (Version: - Native Instruments)
Native Instruments Scarbee Pre-Bass (HKLM-x32\...\Native Instruments Scarbee Pre-Bass) (Version: - Native Instruments)
Native Instruments Scarbee Pre-Bass Amped (HKLM-x32\...\Native Instruments Scarbee Pre-Bass Amped) (Version: - Native Instruments)
Native Instruments Scarbee Rickenbacker Bass (HKLM-x32\...\Native Instruments Scarbee Rickenbacker Bass) (Version: 1.2.0.2 - Native Instruments)
Native Instruments Scarbee Vintage Keys (HKLM-x32\...\Native Instruments Scarbee Vintage Keys) (Version: - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.4.0.1093 - Native Instruments)
Native Instruments Session Horns (HKLM-x32\...\Native Instruments Session Horns) (Version: 1.1.0.2 - Native Instruments)
Native Instruments Session Strings Pro (HKLM-x32\...\Native Instruments Session Strings Pro) (Version: 1.3.0.1 - Native Instruments)
Native Instruments Skanner (HKLM-x32\...\Native Instruments Skanner) (Version: 1.1.0.2 - Native Instruments)
Native Instruments Skanner XT (HKLM-x32\...\Native Instruments Skanner XT) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Solid Bus Comp FX (HKLM-x32\...\Native Instruments Solid Bus Comp FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Solid Dynamics FX (HKLM-x32\...\Native Instruments Solid Dynamics FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Solid EQ FX (HKLM-x32\...\Native Instruments Solid EQ FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Sonic Fiction (HKLM-x32\...\Native Instruments Sonic Fiction) (Version: - Native Instruments)
Native Instruments Studio Drummer (HKLM-x32\...\Native Instruments Studio Drummer) (Version: 1.4.0.12 - Native Instruments)
Native Instruments Supercharger (HKLM-x32\...\Native Instruments Supercharger) (Version: 1.1.0.418 - Native Instruments)
Native Instruments The Finger R2 (HKLM-x32\...\Native Instruments The Finger R2) (Version: 1.3.0.2 - Native Instruments)
Native Instruments The Giant (HKLM-x32\...\Native Instruments The Giant) (Version: 1.2.0.7 - Native Instruments)
Native Instruments The Mouth (HKLM-x32\...\Native Instruments The Mouth) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Traktors 12 (HKLM-x32\...\Native Instruments Traktors 12) (Version: 2.0.0.2 - Native Instruments)
Native Instruments Traktors 12 for Maschine (HKLM-x32\...\Native Instruments Traktors 12 for Maschine) (Version: - Native Instruments)
Native Instruments Transient Master FX (HKLM-x32\...\Native Instruments Transient Master FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments True Strike Tension (HKLM-x32\...\Native Instruments True Strike Tension) (Version: - )
Native Instruments Upright Piano (HKLM-x32\...\Native Instruments Upright Piano) (Version: - Native Instruments)
Native Instruments Urban Arsenal (HKLM-x32\...\Native Instruments Urban Arsenal) (Version: - )
Native Instruments Vari Comp (HKLM-x32\...\Native Instruments Vari Comp) (Version: 1.1.1.427 - Native Instruments)
Native Instruments VC 160 FX (HKLM-x32\...\Native Instruments VC 160 FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments VC 2A FX (HKLM-x32\...\Native Instruments VC 2A FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments VC 76 FX (HKLM-x32\...\Native Instruments VC 76 FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Vienna Concert Grand (HKLM-x32\...\Native Instruments Vienna Concert Grand) (Version: - Native Instruments)
Native Instruments Vintage Organs (HKLM-x32\...\Native Instruments Vintage Organs) (Version: 1.4.0.5 - Native Instruments)
Native Instruments West Africa (HKLM-x32\...\Native Instruments West Africa) (Version: 1.3.0.2 - Native Instruments)
NewBlue Video Essentials VI for Windows (HKLM-x32\...\NewBlue Video Essentials VI for Windows) (Version: 3.0 - NewBlue)
Nitro Pro 9 (HKLM-x32\...\{1e46fa9b-e926-4d41-a4f6-646a3eb9c438}) (Version: 9.0.5.9 - Nitro)
Nitro Pro 9 (Version: 9.0.5.9 - Nitro) Hidden
Nori Ubukata's 'Sounds of the World' Expansion for SynthMaster 2.5 version 1.0 (HKLM-x32\...\{8177CF9F-5D50-4175-964B-0A3A0AEFCF97}_is1) (Version: 1.0 - KV331 Audio)
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.5.0812 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (Version: 2.4.5.0812 - PACE Anti-Piracy, Inc.) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Play Update 4.2.2 (HKLM\...\{D5A16FC4-9409-4289-921B-E79FBC5E17DB}) (Version: 4.2.2 - EastWest Sounds, Inc)
Poetic Guitar II (HKLM-x32\...\Poetic Guitar II) (Version: 1.0 - Times Concept)
Poetic Guitar II (Version: 1.0 - Times Concept) Hidden
ProjectSAM Downloader (HKLM-x32\...\{46190964-88DD-E51B-72F6-1369F544E70F}) (Version: 4.1 - ProjectSAM)
QL Goliath (HKLM\...\{3F91D767-0BCA-4FCD-8092-E18D5B73602B}) (Version: 1.0.046 - EastWest Sounds, Inc.)
QL Pianos Gold (HKLM\...\{166E363B-435D-4EBB-8243-8FAE51D93D1C}) (Version: 1.2.3 - EastWest Sounds, Inc.)
QL Ra (HKLM\...\{049104BA-45D1-4478-ADF9-28849D73B2A9}) (Version: 1.1.13 - EastWest Sounds, Inc.)
QL Silk (HKLM\...\{433BD3CD-9BEF-40DA-A8A7-6225F2CA4661}) (Version: 1.1.13 - EastWest Sounds, Inc.)
QL Stormdrum 2 (HKLM\...\{E6430723-966F-4BB5-AD6A-6FFC5EDA8617}) (Version: 1.0.056 - EastWest Sounds, Inc.)
QL Voices of Passion (HKLM\...\{3AA35C1A-A4D5-43A2-A3C0-6632A4AF9557}) (Version: 1.2.3 - EastWest Sounds, Inc.)
QL Voices of Passion Sample Library Updater (HKLM-x32\...\{397EC4BB-0919-42CA-A80F-899FBE9ABA00}) (Version: 1.0.005 - EastWest Sounds, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Rapture 1.2.2 (HKLM-x32\...\Rapture_x64_is1) (Version: 18.0 - Cakewalk Music Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7266 - Realtek Semiconductor Corp.)
reFX Nexus 2.6.5 (64-bit) (HKLM-x32\...\{84D04D4F-2201-4AED-BE9A-FFA62069CA19}_is1) (Version: 2.6.5 - reFX Audio Software Inc.)
reFX Slayer 2.6.1 (HKLM-x32\...\reFX Slayer 2.6.1_is1) (Version: - )
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
SampleTank 3 version 3.3.0 (HKLM\...\{4A5CE684-33A5-4EE6-AB22-4B92D92D37D8}_is1) (Version: 3.3.0 - IK Multimedia)
Sandboxie 4.16 (64-bit) (HKLM\...\Sandboxie) (Version: 4.16 - Sandboxie Holdings, LLC)
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version: - Seagate Technology)
Smart Recovery 2 B14.0521.1 (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 1.00.0001 - GIGABYTE)
Smart TimeLock B14.0731.1 (HKLM-x32\...\InstallShield_{5D93E30A-78A3-4890-962F-56B61A5873DD}) (Version: 1.00.0001 - GIGABYTE)
Smart TimeLock B14.0731.1 (x32 Version: 1.00.0001 - GIGABYTE) Hidden
SONAR X3 Producer (x64) (HKLM-x32\...\SONARX3Producer_x64_is1) (Version: 20.0 - Cakewalk Music Software)
Speccy (HKLM\...\Speccy) (Version: 1.27 - Piriform)
Spire Plug-In (x64) (HKLM\...\{CEB34E00-91F6-406B-A211-F0904D117375}) (Version: 1.0.7.0 - Reveal Sound Ltd.)
Spitfire Audio Library Manager (HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\c1cc23f14724b4e8) (Version: 1.0.4.25 - Spitfire Audio LLP)
Spotify (HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Stutter Edit Expansion 1 (HKLM-x32\...\Stutter Edit Expansion 1_is1) (Version: 1.00 - iZotope, Inc.)
Stutter Edit Expansion 2 (HKLM-x32\...\Stutter Edit Expansion 2_is1) (Version: 1.00 - iZotope, Inc.)
Superior Drummer 64-bit (HKLM\...\{0E54CF79-AE40-409E-9253-9563418C730C}) (Version: 2.4.1 - Toontrack)
Superior Drummer 64-bit (HKLM\...\{22029AEE-38DF-4E35-AEF4-FE8CA3F6667F}) (Version: 2.3.1 - Toontrack)
SynthMaster 2.6 VST/VSTi/RTAS/AAX (x64) Software Synthesizer version 2.6.21 (HKLM\...\{724D6BD0-88D0-4354-A124-6EE4D36E9EF2}_is1) (Version: 2.6.21 - KV331 Audio)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Thunderbolt(TM) Software (HKLM\...\{A1E0CC92-937C-4D22-8F42-C5BE96F35AC0}) (Version: 1.4.0.1 - Intel(R) Corporation)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D264BD11-6A9B-11E4-A4F7-F04DA23A5C58}) (Version: 13.0.428 - Sony)
Waves Complete V9r26 (HKLM-x32\...\{93000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.3.26 - Waves)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WordBuilder PLAY 64 Bit (HKLM\...\{478B410C-8A25-40E9-977D-4D582AB41788}) (Version: 1.0.0 - EastWest Sounds, Inc.)
XLN Online Installer (HKLM\...\XLN Online Installer Inno Setup ID_is1) (Version: - )
Z3TA+ 2 (x64) (HKLM-x32\...\Z3TA+ 2_x64_is1) (Version: 2.1 - Cakewalk Music Software)
Zero-G Phaedra (HKLM-x32\...\Zero-G Phaedra) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-866153256-604687578-3467628321-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-866153256-604687578-3467628321-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-866153256-604687578-3467628321-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-866153256-604687578-3467628321-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-866153256-604687578-3467628321-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-866153256-604687578-3467628321-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-866153256-604687578-3467628321-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-866153256-604687578-3467628321-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-866153256-604687578-3467628321-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-866153256-604687578-3467628321-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
28-04-2015 10:24:02 Windows Update
28-04-2015 16:56:40 Windows Update
28-04-2015 17:16:44 Windows Backup
29-04-2015 14:42:50 Installed Thunderbolt(TM) Software
29-04-2015 14:46:08 Windows Backup
29-04-2015 15:00:22 Windows Backup
01-05-2015 18:16:19 Windows Update
01-05-2015 18:18:49 Windows Update
01-05-2015 20:08:21 Configured Waves Complete V9r26
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:34 - 2015-04-01 08:05 - 00450771 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {109CF5BB-1797-4957-9ABD-BE23FBD5E272} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-18] (Google Inc.)
Task: {15153818-A988-4A7C-9916-9A7AE52B0628} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-28] (Adobe Systems Incorporated)
Task: {1D53EF8B-2274-4A97-B87A-D949702BA0A6} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2015-01-28] ()
Task: {2E88A08E-CFB4-45AA-856E-56EC25F8F766} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {2EFE7F23-DE68-4261-A79C-6E3E43C2E6E7} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {418C60A2-C2E4-47CA-9447-C1581A9DD6D1} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {48A48A81-3878-4C23-8505-2758EC4088DE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {529CEF99-3B89-49EE-B1B1-FC0D3D14B525} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {628FC942-C428-4871-B4F0-0ED764CD757B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {871EE1F8-4867-4B8A-9AB8-D32D11342AA6} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {A31D5CC1-726D-4140-BE9F-98259D3A0452} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {BD7600DD-F8E4-478C-A848-ED996512B7F9} - System32\Tasks\AdobeAAMUpdater-1.0-DAVIDROSENSTUDI-PCAudioLabs DAW => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {F404D59D-408D-40EC-89DA-AA8E1C18B7AA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-18] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2014-04-16 17:09 - 2014-04-16 17:09 - 00016384 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
2014-12-08 03:10 - 2014-12-08 03:10 - 00102176 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-01-18 18:35 - 2015-01-18 18:35 - 00008704 _____ () C:\Windows\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll
2015-01-06 06:18 - 2015-01-06 06:18 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll
2014-01-21 14:36 - 2014-01-21 14:36 - 00015872 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteControl\grckm.exe
2014-02-26 20:22 - 2014-02-26 20:22 - 00107008 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\ubssrv_oc_only.exe
2015-04-28 15:54 - 2015-04-27 16:59 - 01633608 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-04-28 15:54 - 2015-04-27 16:59 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
2015-04-28 15:54 - 2015-04-27 16:59 - 26783560 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll
2014-11-20 09:12 - 2014-11-20 09:12 - 00013312 _____ () C:\Program Files (x86)\CrashPlan\md5.dll
2014-11-20 09:14 - 2014-11-20 09:14 - 00200472 _____ () C:\Program Files (x86)\CrashPlan\cpnative.dll
2012-11-27 09:03 - 2012-11-27 09:03 - 00102400 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ycc.DLL
2015-03-08 16:49 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-03-08 16:49 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-03-08 16:49 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-03-08 16:49 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-03-08 16:49 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-01-21 09:57 - 2009-03-12 16:45 - 00135168 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2015-01-21 09:57 - 2008-11-21 14:58 - 00057344 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2015-05-02 11:16 - 2015-05-02 11:16 - 00043008 _____ () c:\Users\PCAudioLabs DAW\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmm_txx.dll
2015-04-02 00:11 - 2015-04-02 00:11 - 00750080 _____ () C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-04-02 00:11 - 2015-04-02 00:11 - 00047616 _____ () C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-04-02 00:11 - 2015-04-02 00:11 - 00865280 _____ () C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-04-02 00:11 - 2015-04-02 00:11 - 00200704 _____ () C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-03-25 14:14 - 2014-03-25 14:14 - 00105984 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\ycc.dll
2014-07-09 14:15 - 2014-07-09 14:15 - 00311296 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\MFCCPU.dll
2014-06-17 21:24 - 2014-06-17 21:24 - 00208896 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\MFCSPD.dll
2014-07-31 12:51 - 2014-07-31 12:51 - 01607680 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\BDR_info.dll
2009-07-13 14:03 - 2009-07-13 18:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2014-06-24 17:08 - 2014-06-24 17:08 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\Microsoft:6k1VkAEgpGeIKqk0jvWeQ4og
AlternateDataStreams: C:\ProgramData\Microsoft:aQcrnlbhVy7sNwglE6AGN
AlternateDataStreams: C:\ProgramData\Microsoft:cgqO7pJgXsqTojdXVMIV7xWOO1
AlternateDataStreams: C:\ProgramData\Microsoft:T7ZsCSn3BZbtfDfECWd
AlternateDataStreams: C:\Users\PCAudioLabs DAW\Cookies:hJ9kGNsqmERXT3KtrAMtWm
AlternateDataStreams: C:\Users\PCAudioLabs DAW\Local Settings:2L8QbVmKqoBZ7dtaIJJKTh6NUR29
AlternateDataStreams: C:\Users\PCAudioLabs DAW\Local Settings:rdQ9yc47ZcYyQBPpo19YgOeb
AlternateDataStreams: C:\Users\PCAudioLabs DAW\AppData\Local:2L8QbVmKqoBZ7dtaIJJKTh6NUR29
AlternateDataStreams: C:\Users\PCAudioLabs DAW\AppData\Local:rdQ9yc47ZcYyQBPpo19YgOeb
AlternateDataStreams: C:\Users\PCAudioLabs DAW\AppData\Local\Application Data:2L8QbVmKqoBZ7dtaIJJKTh6NUR29
AlternateDataStreams: C:\Users\PCAudioLabs DAW\AppData\Local\Application Data:rdQ9yc47ZcYyQBPpo19YgOeb
AlternateDataStreams: C:\Users\PCAudioLabs DAW\AppData\Local\Temp:9cmoxKfeYGLPTiDRlE4Ki6C7
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7866 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-866153256-604687578-3467628321-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{BAAD85C2-19EF-4F77-868B-B908266A75B1}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{27C6C995-B820-4CC2-8DDB-9C95B6D01D59}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{0EC0CCD2-DDC1-4E02-91B1-13AAD18BFE8F}] => (Allow) C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{97DDABED-74A3-4ED0-BBFD-C7D25B1CBFAA}] => (Allow) C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{ACDC99BB-9482-451B-897F-D28C09BC1172}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F4B75D5C-A006-4955-814F-3835AB976FFB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E7D6EC6F-2517-4EBE-9C03-17AC0E7B5557}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1F06EC03-C06C-4DFC-9D7E-B1CBB84F1830}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{70AE04EA-190E-48F9-BD2F-A92DE4BD1DC0}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\flashbios.exe
FirewallRules: [UDP Query User{D7842291-75FA-4083-AF80-23EF8764C4B7}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\flashbios.exe
FirewallRules: [{E4BFD02A-363E-4CA3-89CD-CF67537DA54B}] => (Allow) C:\Program Files (x86)\CrashPlan\CrashPlanService.exe
FirewallRules: [{7E419ABF-B0AB-436D-BAB0-02C16D314EEB}] => (Allow) C:\Program Files (x86)\CrashPlan\CrashPlanService.exe
FirewallRules: [{0073C4D9-79AB-4217-8D47-BE9B9E795F32}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E9A8E273-CD20-47B2-B948-85834D6A73CE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B3C4DB58-3932-475B-BDED-8D72656706F3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{574F3F43-B693-420B-83C7-11F9D8F096D8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{E7E8DC1F-D7B3-42E7-ADE7-6322C08DB409}C:\program files\cakewalk\sonar x3 producer\sonarpdr.exe] => (Allow) C:\program files\cakewalk\sonar x3 producer\sonarpdr.exe
FirewallRules: [UDP Query User{C0D3ED47-148D-4449-99A9-5EDA6C42B24C}C:\program files\cakewalk\sonar x3 producer\sonarpdr.exe] => (Allow) C:\program files\cakewalk\sonar x3 producer\sonarpdr.exe
FirewallRules: [{C064DA09-8FC2-4732-86C2-53DCFFBD79F3}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe
FirewallRules: [{ECCC9A0E-12DF-4EBB-9DDD-63588DAB3F90}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe
FirewallRules: [TCP Query User{1180DAB5-4944-4FFE-A597-AE3D9586629B}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{257D06AD-D6B4-4446-A936-EE98CE67B338}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{9F47150D-FD81-454C-AA7C-4EB232CD7089}C:\program files\cakewalk\shared utilities\vstscan.exe] => (Allow) C:\program files\cakewalk\shared utilities\vstscan.exe
FirewallRules: [UDP Query User{0000C3CE-9268-460A-8110-DACD8604028E}C:\program files\cakewalk\shared utilities\vstscan.exe] => (Allow) C:\program files\cakewalk\shared utilities\vstscan.exe
FirewallRules: [TCP Query User{14B4C47E-6C38-4E31-992D-975466015B11}C:\program files\cakewalk\sonar platinum\sonarplt.exe] => (Allow) C:\program files\cakewalk\sonar platinum\sonarplt.exe
FirewallRules: [UDP Query User{AD814D75-11BE-4928-B51F-6BE40471F3DF}C:\program files\cakewalk\sonar platinum\sonarplt.exe] => (Allow) C:\program files\cakewalk\sonar platinum\sonarplt.exe
FirewallRules: [TCP Query User{1DB29FB0-3ECE-4020-A047-DD244540907A}C:\users\pcaudiolabs daw\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\pcaudiolabs daw\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{51454364-DA2D-4C38-8D8A-C5933721351F}C:\users\pcaudiolabs daw\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\pcaudiolabs daw\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{0EA67431-F7CA-48BB-B4F7-B54BDE1ED9B0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FA7A5811-225A-4CD2-9718-1CE099DA2271}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\HomeCloud\HCLOUD.exe
FirewallRules: [{9D23BE71-0773-4484-A7A0-E32DE85C5FFE}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\ubssrv_oc_only.exe
FirewallRules: [{A6CF28BA-EF03-4A62-B27D-F5910FB51B5C}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\RemoteControl\grckm.exe
FirewallRules: [{8266FDEA-F451-4F9C-99B9-C3E3B6883637}] => (Allow) LPort=1980
FirewallRules: [{387D336F-44C2-4BBD-9A53-6ECFE2E1FB97}] => (Allow) LPort=1900
FirewallRules: [{501E0706-78CA-4546-95F2-E274BE63D21B}] => (Allow) LPort=1900
FirewallRules: [{E7955A66-AE1A-436F-8811-10DE86183D18}] => (Allow) LPort=8367
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/02/2015 04:32:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
System errors:
=============
Error: (05/02/2015 11:16:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Garmin Core Update Service service failed to start due to the following error:
%%1053
Error: (05/02/2015 11:16:15 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.
Error: (05/02/2015 11:16:13 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000d1 (0x00000000000001f0, 0x0000000000000002, 0x0000000000000000, 0xfffff88006eb212f)C:\Windows\Minidump\050215-21044-01.dmp050215-21044-01
Error: (05/02/2015 11:16:12 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:10:21 AM on 5/2/2015 was unexpected.
Error: (05/01/2015 09:35:34 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue169.254.227.208:8367
Error: (05/01/2015 09:35:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Garmin Core Update Service service failed to start due to the following error:
%%1053
Error: (05/01/2015 09:35:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.
Error: (05/01/2015 08:57:32 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue169.254.227.208:8367
Error: (05/01/2015 08:57:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Garmin Core Update Service service failed to start due to the following error:
%%1053
Error: (05/01/2015 08:57:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.
Microsoft Office Sessions:
=========================
Error: (05/02/2015 04:32:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-5820K CPU @ 3.30GHz
Percentage of memory in use: 20%
Total physical RAM: 32593.86 MB
Available physical RAM: 25788.29 MB
Total Pagefile: 33616.05 MB
Available Pagefile: 25317.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:111.79 GB) (Free:11.43 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Samples) (Fixed) (Total:953.87 GB) (Free:207.17 GB) NTFS
Drive f: (Projects) (Fixed) (Total:1863.01 GB) (Free:747.5 GB) NTFS
Drive h: (David Backup Drive) (Fixed) (Total:1862.98 GB) (Free:236.08 GB) NTFS
Drive i: (Glyph1 Samples Drive) (Fixed) (Total:1863.01 GB) (Free:1132.59 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: C68D6B8C)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 41BB49C5)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 953.9 GB) (Disk ID: 41BB49C4)
Partition 1: (Not Active) - (Size=953.9 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: DB558E4E)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0005F107)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Nothing really bad jumping out at me but sometimes these things hide
Your running FRST64 from your downloads folder, our tools and scanners work more efficiently when run from the Desktop in lieu of being buried in some folder, so go to your Downloads folder and look for FRST64, right click on it and select CUT, then come back to your Desktop and right click on a blank space and select PASTE, then we will have FRST64 exactly where we want it to be.
Run these tools and lets see if they find and remove anything, am including Malwarebytes as its the latest version, so uninstall Malwarebytes and download and install the latest version per my instructions
-AdwCleaner-by Xplode
Click on this link to download : ADWCleaner (http://www.bleepingcomputer.com/download/adwcleaner/) To your Desktop
Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.
Use my link only, do not do a search for AdwCleaner as there is a bogus copy going around by scammers
Do not click on any links in the top Advertisment.
http://i24.photobucket.com/albums/c30/ken545/AdwCleaner4.201_zpsxrbk2llq.jpg (http://s24.photobucket.com/user/ken545/media/AdwCleaner4.201_zpsxrbk2llq.jpg.html)
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Scan.
After the scan is complete click on "Clean"
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.
===============================================================================
http://imageshack.us/a/img841/7292/thisisujrt.gif Please download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop.
Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.
===============================================================================
Download Malwarebytes' Anti-Malware (http://www.malwarebytes.org/mbam-download.php) to your desktop. <---------
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
http://i24.photobucket.com/albums/c30/ken545/MBAM2010601022_zpsyvzbaddn.jpg (http://s24.photobucket.com/user/ken545/media/MBAM2010601022_zpsyvzbaddn.jpg.html)
On the Dashboard click on Update Now
Go to the Setting Tab
Under Setting go to Detection and Protection
Under PUP and PUM make sure both are set to show Treat Detections as Malware
Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
Then on the Dashboard click on Scan
Make sure to select THREAT SCAN
Then click on Scan
When the scan is finished and the log pops up...select Copy to Clipboard
Please paste the log back into this thread for review
Exit Malwarebytes
bydavidrosen
2015-05-03, 02:54
OK so far here are the results of FRST64 run from the desktop, and then the results of ADW Cleaner and JRT. After this I will go uninstall and reinstall malwarebytes and report back on that:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015
Ran by PCAudioLabs DAW (administrator) on DAVIDROSENSTUDI on 02-05-2015 17:43:11
Running from C:\Users\PCAudioLabs DAW\Desktop
Loaded Profiles: PCAudioLabs DAW (Available profiles: PCAudioLabs DAW)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Code 42 Software) C:\Program Files (x86)\CrashPlan\CrashPlanService.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Microsoft) C:\Program Files (x86)\Gigabyte\CloudStation\HomeCloud\GCloud.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\Gigabyte\Smart TimeLock\TimeMgmtDaemon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Code 42 Software, Inc.) C:\Program Files (x86)\CrashPlan\CrashPlanTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Dropbox, Inc.) C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Gigabyte Technology CO.) C:\Program Files\Gigabyte\SmartRecovery2\RPMDaemon.exe
(Microsoft) C:\Program Files (x86)\Gigabyte\CloudStation\HomeCloud\HCLOUD.exe
() C:\Program Files (x86)\Gigabyte\CloudStation\RemoteControl\grckm.exe
() C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\ubssrv_oc_only.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\Gigabyte\Smart TimeLock\AlarmClock.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) F:\Downloads\aswMBR.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7632088 2014-06-10] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [Thunderbolt] => C:\Program Files\Intel\Thunderbolt Software\Thunderbolt.exe [767944 2013-07-22] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-26] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\Gigabyte\SmartRecovery2\RPMKickstartEx.exe [2320384 2014-04-01] (TODO: <Company name>)
HKLM-x32\...\RunOnce: [EasyTune] => C:\Program Files (x86)\Gigabyte\EasyTune\etro.exe [5632 2014-08-18] (GIGA-BYTE TECHNOLOGY CO., LTD.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [785416 2015-02-17] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\Run: [Artisan 710(Network)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFSA.EXE [223232 2009-02-23] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\Run: [GoogleChromeAutoLaunch_5D2807729758A2B8E21918A1522A5522] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [866120 2015-04-27] (Google Inc.)
HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2015-01-28] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\MountPoints2: {30d84cf9-95e6-11e4-b827-806e6f6e6963} - D:\Run.exe
HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\MountPoints2: {3357bd1c-9f7a-11e4-bba7-806e6f6e6963} - notepad SeaToolsDOSguide.EN.txt
HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\MountPoints2: {7a709a47-7ad7-11e3-a677-806e6f6e6963} - D:\Launch.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk [2015-01-20]
ShortcutTarget: CrashPlan Tray.lnk -> C:\Program Files (x86)\CrashPlan\CrashPlanTray.exe (Code 42 Software, Inc.)
Startup: C:\Users\PCAudioLabs DAW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-01-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-866153256-604687578-3467628321-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pcaudiolabs.com/
HKU\S-1-5-21-866153256-604687578-3467628321-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-02] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-02] (Oracle Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-02] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2014-12-05] (Unity Technologies ApS)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-17] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
Chrome:
=======
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://www.google.com/ig", "hxxp://www.facebook.com/", "hxxp://mbox.pearlsent.com/mail.php?", "hxxp://mbox.bydavidrosen.com/mail.php?", "hxxp://www.google.com/"
CHR Profile: C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Context) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aalnjolghjkkogicompabhhbbkljnlka [2015-03-08]
CHR Extension: (Google Slides) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-08]
CHR Extension: (Entanglement Web App) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aciahcmjmecflokailenpkdchphgkefd [2015-03-08]
CHR Extension: (Angry Birds) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-03-08]
CHR Extension: (Google Docs) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-08]
CHR Extension: (Google Drive) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-08]
CHR Extension: (YouTube) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-08]
CHR Extension: (Google Cast) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-03-08]
CHR Extension: (Pushbullet) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2015-03-08]
CHR Extension: (Google Search) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-08]
CHR Extension: (Google Play Music) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-03-08]
CHR Extension: (Google Sheets) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-08]
CHR Extension: (Chrome Notepad) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp [2015-03-08]
CHR Extension: (Pdf4Kindle) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fghacdodjfjdcnikcifbjeaomhipabkb [2015-03-08]
CHR Extension: (Chrome Picross) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gjohhgoihaajipdgmhohakneklimnepm [2015-03-08]
CHR Extension: (Bookmark Manager) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-29]
CHR Extension: (Pin It Button) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-03-08]
CHR Extension: (Mailto:) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gppbppehiogfokmpligejhaepeopajdf [2015-03-08]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-03-08]
CHR Extension: (feedly) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2015-03-08]
CHR Extension: (Google Keep - notes and lists) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2015-03-08]
CHR Extension: (Pixlr Editor) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2015-03-08]
CHR Extension: (Dropbox) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-03-08]
CHR Extension: (HelloSign: Online signatures made easy) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kajjckmbclbffbpecfbiecehkfgopppd [2015-03-08]
CHR Extension: (Any.do Extension) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kdadialhpiikehpdeejjeiikopddkjem [2015-03-08]
CHR Extension: (Atari - Tempest) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kflkdjocancddgfnbhedkaefjdomdcaf [2015-03-08]
CHR Extension: (SparkChess 7) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2015-03-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-08]
CHR Extension: (AudioSauna) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae [2015-03-08]
CHR Extension: (Extensions Manager (aka Switcher)) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lpleipinonnoibneeejgjnoeekmbopbc [2015-03-08]
CHR Extension: (Poppit!) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2015-03-08]
CHR Extension: (Reload All Tabs) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\midkcinmplflbiflboepnahkboeonkam [2015-03-08]
CHR Extension: (Plants vs Zombies) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2015-03-16]
CHR Extension: (Save to Pocket) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-03-08]
CHR Extension: (Google Wallet) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-08]
CHR Extension: (Verbatim Search) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\occcfdnjdbgjglcbpolkmjnjillkgbcm [2015-03-08]
CHR Extension: (Gmail) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-08]
CHR Extension: (Canvas Rider) - C:\Users\PCAudioLabs DAW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\poknhlcknimnnbfcombaooklofipaibk [2015-03-08]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 CrashPlanService; C:\Program Files (x86)\CrashPlan\CrashPlanService.exe [156440 2014-11-20] (Code 42 Software)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16384 2014-04-16] () [File not signed]
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [517464 2015-01-28] (Garmin Ltd or its subsidiaries)
R2 GCloud; C:\Program Files (x86)\GIGABYTE\CloudStation\HomeCloud\GCloud.exe [19264 2014-06-18] (Microsoft)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-06-24] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-17] (Nitro PDF Software)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [175112 2015-02-17] (Sandboxie Holdings, LLC)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe [102400 2013-02-22] (Gigabyte Technology CO., LTD.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 asstor64; C:\Windows\System32\DRIVERS\asstor64.sys [77600 2014-03-26] (Asmedia Technology)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [487704 2014-03-13] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
R3 iLokDrvr; C:\Windows\System32\DRIVERS\iLokDrvr.sys [25808 2013-04-11] ()
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-05-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 NIWinCDEmu; C:\Windows\System32\DRIVERS\NIWinCDEmu.sys [112408 2015-01-19] ()
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [450048 2010-03-31] (Realtek Semiconductor Corporation )
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [237064 2015-02-17] (Sandboxie Holdings, LLC)
R3 Scarlett_UAC2Audio; C:\Windows\System32\DRIVERS\Scarlett_UAC2Audio.sys [93568 2014-10-02] (Focusrite Audio Engineering Limited.)
R0 SI3132; C:\Windows\System32\DRIVERS\SI3132.sys [90664 2007-10-03] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [22056 2007-10-03] (Silicon Image, Inc)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [17448 2007-10-03] (Silicon Image, Inc)
R3 synusb64; C:\Windows\System32\DRIVERS\synusb64.sys [30352 2009-06-26] (Steinberg Media Technologies GmbH)
U3 aswMBR; \??\C:\Users\PCAUDI~1\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\PCAUDI~1\AppData\Local\Temp\aswVmm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-02 17:43 - 2015-05-02 17:43 - 00029181 _____ () C:\Users\PCAudioLabs DAW\Desktop\FRST.txt
2015-05-02 17:01 - 2015-05-02 17:43 - 00000000 ____D () C:\FRST
2015-05-02 17:01 - 2015-05-02 17:01 - 02101248 _____ (Farbar) C:\Users\PCAudioLabs DAW\Desktop\FRST64.exe
2015-05-02 17:00 - 2015-05-02 17:00 - 00002535 _____ () C:\Users\PCAudioLabs DAW\Documents\aswMBR.txt
2015-05-02 17:00 - 2015-05-02 17:00 - 00000512 _____ () C:\Users\PCAudioLabs DAW\Documents\MBR.dat
2015-05-01 20:38 - 2015-05-01 20:38 - 00000000 ____D () C:\Program Files (x86)\steinberg
2015-05-01 18:33 - 2015-05-01 20:41 - 00000000 ____D () C:\ProgramData\Solid State Networks
2015-05-01 18:26 - 2015-05-02 11:16 - 00000280 _____ () C:\Windows\setupact.log
2015-05-01 18:26 - 2015-05-01 18:26 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-01 18:19 - 2015-05-02 11:16 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2015-05-01 18:19 - 2015-05-01 18:19 - 00006489 _____ () C:\Windows\system32\lvcoinst.log
2015-05-01 18:19 - 2015-05-01 18:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-01 18:19 - 2015-05-01 18:19 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-01 18:19 - 2015-05-01 18:19 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2015-05-01 18:19 - 2015-05-01 18:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-01 18:18 - 2015-03-13 20:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-01 18:18 - 2015-03-13 20:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-05-01 18:18 - 2015-03-13 20:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-01 18:18 - 2015-03-13 20:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-05-01 18:18 - 2015-03-03 21:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-01 18:18 - 2015-03-03 21:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-01 18:18 - 2015-03-03 21:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-01 18:18 - 2015-03-03 21:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-01 18:18 - 2015-03-03 21:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-01 18:18 - 2015-03-03 21:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-01 18:18 - 2015-03-03 21:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-01 18:18 - 2015-02-18 00:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-01 18:18 - 2015-02-18 00:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-01 18:18 - 2015-01-28 20:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-01 18:18 - 2015-01-28 20:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-04-30 00:01 - 2015-04-30 00:01 - 00023200 _____ (Western Digital Technologies) C:\Windows\system32\Drivers\wdcsam64.sys
2015-04-29 14:42 - 2015-04-29 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbolt(TM) Software
2015-04-28 17:12 - 2015-04-28 17:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-28 17:12 - 2015-04-28 17:12 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-28 11:35 - 2015-04-01 17:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-28 11:35 - 2015-04-01 16:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-28 11:35 - 2015-03-24 20:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-28 11:35 - 2015-03-24 20:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-28 11:35 - 2015-03-24 20:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-28 11:35 - 2015-03-24 20:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-28 11:35 - 2015-03-24 20:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-28 11:35 - 2015-03-24 20:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-28 11:35 - 2015-03-24 20:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-28 11:35 - 2015-03-24 20:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-28 11:35 - 2015-03-24 20:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-28 11:35 - 2015-03-24 20:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-28 11:35 - 2015-03-24 20:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-28 11:35 - 2015-03-24 20:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-28 11:35 - 2015-03-24 20:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-28 11:35 - 2015-03-24 20:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-28 11:35 - 2015-03-24 20:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-28 11:35 - 2015-03-24 20:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-28 11:35 - 2015-03-22 20:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-28 11:35 - 2015-03-22 20:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-28 11:35 - 2015-03-22 20:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-28 11:35 - 2015-03-22 20:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-28 11:35 - 2015-03-22 20:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-28 11:35 - 2015-03-22 20:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-28 11:35 - 2015-03-22 20:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-28 11:35 - 2015-03-22 20:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-28 11:35 - 2015-03-16 22:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-28 11:35 - 2015-03-16 22:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-28 11:35 - 2015-03-16 22:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-28 11:35 - 2015-03-16 22:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-28 11:35 - 2015-03-16 22:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-28 11:35 - 2015-03-16 22:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-28 11:35 - 2015-03-16 22:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-28 11:35 - 2015-03-16 22:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-28 11:35 - 2015-03-16 22:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-28 11:35 - 2015-03-16 22:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-28 11:35 - 2015-03-16 22:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-28 11:35 - 2015-03-16 22:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-28 11:35 - 2015-03-16 22:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-28 11:35 - 2015-03-16 22:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-28 11:35 - 2015-03-16 22:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 22:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-28 11:35 - 2015-03-16 22:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-28 11:35 - 2015-03-16 21:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-28 11:35 - 2015-03-16 21:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-28 11:35 - 2015-03-16 21:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-28 11:35 - 2015-03-16 21:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-28 11:35 - 2015-03-16 21:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-28 11:35 - 2015-03-16 21:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-28 11:35 - 2015-03-16 21:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-28 11:35 - 2015-03-16 21:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-28 11:35 - 2015-03-16 21:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-28 11:35 - 2015-03-16 21:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-28 11:35 - 2015-03-16 21:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-28 11:35 - 2015-03-16 21:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-28 11:35 - 2015-03-16 21:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-28 11:35 - 2015-03-16 21:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-28 11:35 - 2015-03-16 21:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-28 11:35 - 2015-03-16 21:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-28 11:35 - 2015-03-16 21:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-28 11:35 - 2015-03-16 21:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-28 11:35 - 2015-03-16 21:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 20:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-28 11:35 - 2015-03-16 20:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-28 11:35 - 2015-03-16 20:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 20:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 20:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-28 11:35 - 2015-03-16 20:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-28 11:35 - 2015-03-12 21:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-28 11:35 - 2015-03-12 21:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-28 11:35 - 2015-03-12 21:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-28 11:35 - 2015-03-12 21:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-28 11:35 - 2015-03-12 21:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-28 11:35 - 2015-03-12 21:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-28 11:35 - 2015-03-12 21:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-28 11:35 - 2015-03-12 21:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-28 11:35 - 2015-03-12 21:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-28 11:35 - 2015-03-12 21:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-28 11:35 - 2015-03-12 20:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-28 11:35 - 2015-03-12 20:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-28 11:35 - 2015-03-12 20:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-28 11:35 - 2015-03-12 20:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-28 11:35 - 2015-03-12 20:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-28 11:35 - 2015-03-12 20:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-28 11:35 - 2015-03-12 20:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-28 11:35 - 2015-03-12 20:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-28 11:35 - 2015-03-12 20:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-28 11:35 - 2015-03-12 20:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-28 11:35 - 2015-03-12 20:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-28 11:35 - 2015-03-12 20:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-28 11:35 - 2015-03-12 20:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-28 11:35 - 2015-03-12 20:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-28 11:35 - 2015-03-12 20:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-28 11:35 - 2015-03-12 20:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-28 11:35 - 2015-03-12 20:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-28 11:35 - 2015-03-12 20:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-28 11:35 - 2015-03-12 20:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-28 11:35 - 2015-03-12 20:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-28 11:35 - 2015-03-12 20:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-28 11:35 - 2015-03-12 20:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-28 11:35 - 2015-03-12 20:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-28 11:35 - 2015-03-12 20:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-28 11:35 - 2015-03-12 20:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-28 11:35 - 2015-03-12 20:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-28 11:35 - 2015-03-12 20:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-28 11:35 - 2015-03-12 20:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-28 11:35 - 2015-03-12 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-28 11:35 - 2015-03-12 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-28 11:35 - 2015-03-12 20:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-28 11:35 - 2015-03-12 20:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-28 11:35 - 2015-03-12 19:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-28 11:35 - 2015-03-12 19:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-28 11:35 - 2015-03-12 19:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-28 11:35 - 2015-03-12 19:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-28 11:35 - 2015-03-12 19:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-28 11:35 - 2015-03-12 19:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-28 11:35 - 2015-03-12 19:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-28 11:35 - 2015-03-12 19:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-28 11:35 - 2015-03-12 19:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-28 11:35 - 2015-03-12 19:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-28 11:35 - 2015-03-12 19:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-28 11:35 - 2015-03-12 19:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-28 11:35 - 2015-03-12 19:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-28 11:35 - 2015-03-12 19:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-28 11:35 - 2015-03-09 20:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-28 11:35 - 2015-03-09 20:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-28 11:35 - 2015-03-09 20:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-28 11:35 - 2015-03-09 20:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-28 11:35 - 2015-03-04 22:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-28 11:35 - 2015-03-04 21:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-28 11:35 - 2015-02-24 20:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-28 11:35 - 2015-01-27 16:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-04-28 11:32 - 2015-03-03 21:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-28 11:32 - 2015-03-03 21:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-28 11:32 - 2015-03-03 21:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-28 10:24 - 2015-04-28 10:24 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-28 10:24 - 2015-04-28 10:24 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-06 19:39 - 2015-04-07 09:49 - 00000000 ____D () C:\Program Files (x86)\ProjectSAM Downloader
2015-04-06 19:39 - 2015-04-06 19:39 - 00001209 _____ () C:\Users\Public\Desktop\ProjectSAM Downloader.lnk
2015-04-06 19:39 - 2015-04-06 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProjectSAM Downloader
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-02 16:56 - 2015-01-21 20:18 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-02 16:53 - 2015-01-18 10:14 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-02 15:57 - 2015-01-20 21:35 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-02 14:32 - 2009-07-13 22:13 - 00783606 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-02 13:31 - 2015-03-08 16:22 - 00045062 _____ () C:\Windows\WindowsUpdate.log
2015-05-02 11:24 - 2009-07-13 21:45 - 00022096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-02 11:24 - 2009-07-13 21:45 - 00022096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-02 11:23 - 2015-01-27 19:00 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-02 11:22 - 2015-01-27 19:00 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-05-02 11:22 - 2015-01-27 19:00 - 00000000 ____D () C:\Program Files\Java
2015-05-02 11:18 - 2015-01-18 18:28 - 00006469 _____ () C:\Windows\SysWOW64\Gms.log
2015-05-02 11:17 - 2015-01-18 18:40 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys
2015-05-02 11:16 - 2015-01-18 22:31 - 00000000 ____D () C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox
2015-05-02 11:16 - 2015-01-18 18:39 - 00026192 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2015-05-02 11:16 - 2015-01-18 10:14 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-02 11:16 - 2015-01-13 23:22 - 00000000 ____D () C:\Windows\Minidump
2015-05-02 11:16 - 2014-01-11 08:46 - 00295124 ____N () C:\Windows\Minidump\050215-21044-01.dmp
2015-05-02 11:16 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-02 02:00 - 2015-02-09 19:47 - 00000000 ____D () C:\Users\PCAudioLabs DAW\AppData\Local\Adobe
2015-05-01 23:33 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2015-05-01 21:40 - 2015-01-18 20:55 - 00000000 ____D () C:\Users\PCAudioLabs DAW\AppData\Local\Spectrasonics
2015-05-01 20:51 - 2015-01-18 19:31 - 00000000 ____D () C:\ProgramData\Spectrasonics
2015-05-01 20:49 - 2015-01-18 21:12 - 00000000 ____D () C:\Users\PCAudioLabs DAW\AppData\Roaming\Waves Audio
2015-05-01 20:08 - 2015-01-18 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves
2015-05-01 18:25 - 2014-01-11 09:13 - 00000000 ____D () C:\Users\PCAudioLabs DAW\AppData\Roaming\TeamViewer
2015-05-01 18:22 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-01 18:16 - 2015-01-18 22:31 - 00001011 _____ () C:\Users\PCAudioLabs DAW\Desktop\Dropbox.lnk
2015-05-01 18:16 - 2015-01-18 22:31 - 00000000 ____D () C:\Users\PCAudioLabs DAW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-29 14:43 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-29 14:42 - 2015-01-18 10:15 - 00000000 ____D () C:\Program Files\Intel
2015-04-28 17:01 - 2014-01-10 18:41 - 00775692 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-28 17:00 - 2014-01-10 17:52 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-28 16:57 - 2014-01-10 17:52 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-28 15:54 - 2015-01-18 10:14 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-28 11:57 - 2015-01-21 20:18 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-28 11:57 - 2015-01-21 20:18 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-28 11:57 - 2015-01-21 20:18 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-28 10:18 - 2015-01-20 21:36 - 00001634 _____ () C:\Windows\Sandboxie.ini
2015-04-07 10:09 - 2014-01-11 08:46 - 01392504 _____ () C:\DUMP2606.tmp
2015-04-06 19:08 - 2015-01-21 21:22 - 00001927 _____ () C:\Users\Public\Desktop\SONAR Platinum.lnk
2015-04-06 19:08 - 2015-01-20 22:08 - 00000842 _____ () C:\Users\Public\Desktop\Speccy.lnk
2015-04-06 19:08 - 2015-01-20 21:36 - 00001004 _____ () C:\Users\PCAudioLabs DAW\Desktop\Sandboxed Web Browser.lnk
2015-04-06 19:08 - 2015-01-18 21:02 - 00001047 _____ () C:\Users\Public\Desktop\Z3TA+ 2_x64.lnk
2015-04-06 19:08 - 2015-01-18 19:15 - 00001123 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2015-04-06 19:08 - 2015-01-18 19:14 - 00000868 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-06 19:08 - 2015-01-18 19:12 - 00001016 _____ () C:\Users\PCAudioLabs DAW\Desktop\BREVERB 2.lnk
2015-04-06 19:08 - 2015-01-18 19:08 - 00001112 _____ () C:\Users\Public\Desktop\Dimension Pro x64.lnk
2015-04-06 19:08 - 2015-01-18 18:55 - 00001140 _____ () C:\Users\Public\Desktop\Rapture x64.lnk
2015-04-06 19:08 - 2015-01-18 18:53 - 00001954 _____ () C:\Users\Public\Desktop\SONAR X3 Producer (x64).lnk
==================== Files in the root of some directories =======
2015-01-18 19:10 - 2015-01-18 19:10 - 0297203 _____ () C:\Program Files (x86)\unins000.dat
2015-01-18 19:10 - 2015-01-18 19:10 - 0722680 _____ () C:\Program Files (x86)\unins000.exe
2015-01-18 19:32 - 2015-01-18 21:54 - 0005982 _____ () C:\Program Files (x86)\unins001.dat
2015-01-18 21:54 - 2015-01-18 21:54 - 0718497 _____ () C:\Program Files (x86)\unins001.exe
2015-03-03 09:49 - 2015-03-03 09:49 - 0000132 _____ () C:\Users\PCAudioLabs DAW\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-02-12 10:54 - 2015-02-15 10:38 - 0000016 _____ () C:\Users\PCAudioLabs DAW\AppData\Roaming\msregsvv.dll
2015-02-16 10:23 - 2015-03-07 09:55 - 0001456 _____ () C:\Users\PCAudioLabs DAW\AppData\Local\Adobe Save for Web 12.0 Prefs
2015-02-12 10:54 - 2015-02-15 10:38 - 0000016 _____ () C:\ProgramData\autobk.inc
2015-01-18 18:23 - 2015-01-18 18:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\PCAudioLabs DAW\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmm_txx.dll
C:\Users\PCAudioLabs DAW\AppData\Local\Temp\jre-8u45-windows-au.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-28 12:18
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015
Ran by PCAudioLabs DAW at 2015-05-02 17:43:38
Running from C:\Users\PCAudioLabs DAW\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-866153256-604687578-3467628321-500 - Administrator - Disabled)
Guest (S-1-5-21-866153256-604687578-3467628321-501 - Limited - Disabled)
PCAudioLabs DAW (S-1-5-21-866153256-604687578-3467628321-1000 - Administrator - Enabled) => C:\Users\PCAudioLabs DAW
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
@BIOS B14.0730.1 (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE)
@BIOS B14.0730.1 (x32 Version: 3.00.0000 - GIGABYTE) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
8DioDownloader (HKLM-x32\...\{B5D46C5B-EAAF-4C73-9DA6-38189DE97C85}) (Version: 0.0.21 - 8Dio Productions)
AAS - Angelicals (HKLM-x32\...\Angelicals) (Version: - Applied Acoustics Systems)
AAS - Cardinals (HKLM-x32\...\Cardinals) (Version: - Applied Acoustics Systems)
AAS - Chromaphone (HKLM-x32\...\Chromaphone) (Version: - Applied Acoustics Systems)
AAS - Cinematheque (HKLM-x32\...\Cinematheque) (Version: - Applied Acoustics Systems)
AAS - Lounge Lizard EP-4 (HKLM-x32\...\Lounge Lizard EP-4) (Version: - Applied Acoustics Systems)
AAS - Microsound Textures (HKLM-x32\...\Microsound Textures) (Version: - Applied Acoustics Systems)
AAS - Ultra Analog VA-2 (HKLM-x32\...\Ultra Analog VA-2) (Version: - Applied Acoustics Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
APP Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.14.1205 - Gigabyte)
APP Center (x32 Version: 1.14.1205 - Gigabyte) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 2.0.9.0001 - Asmedia Technology)
Authorization Wizard Update 2.1 (HKLM-x32\...\{40AFBF62-AB70-49F5-B0FF-D92EA8BD4833}) (Version: 2.1 - EastWest Sounds, Inc)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BREVERB 2 (HKLM\...\{E23574BD-9C5E-40EE-876A-02BA6BDE63EF}_is1) (Version: 2.1.8 - Overloud)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.5.1 - Broadcom Corporation)
BUSB (HKLM-x32\...\{0AADC50C-C4F8-49A7-8699-AFE46875CA67}) (Version: 1.14.0819.1 - GIGABYTE)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.77.0.2015 - Georgy Berdyshev)
Cloud Station Server (HKLM-x32\...\InstallShield_{41B20CB6-32EE-468B-982C-4864E2135BD0}) (Version: 1.00.1408.1401 - GIGABYTE)
Cloud Station Server (x32 Version: 1.00.1408.1401 - GIGABYTE) Hidden
Command Center (HKLM-x32\...\{B5C98C54-097A-4B4C-8189-FEF1C79F3638}_is1) (Version: 1.0.1.22820 - Cakewalk Music Software)
Connect (HKLM-x32\...\Connect 2.2.2) (Version: 2.2.2 - Continuata)
CrashPlan (HKLM-x32\...\{F5DF8435-7822-4D0C-88A9-604EC76D0B06}) (Version: 3.7.0 - Code 42 Software)
Dimension Pro 1.5 (HKLM-x32\...\DimensionPro_x64_is1) (Version: 18.0 - Cakewalk Music Software)
Dimension Pro Free Expansion Packs 1-3 (HKLM-x32\...\Dimension Pro Free Expansion Packs 1-3_is1) (Version: 1.0 - Cakewalk)
Dropbox (HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\Dropbox) (Version: 3.4.5 - Dropbox, Inc.)
Drum Weapons 2.01 (HKLM-x32\...\Drum Weapons 2.01) (Version: - )
Drum Weapons 3 VSTi - 64 Bit (HKLM-x32\...\{F41C33E6-92A2-4092-A2EA-238FA71FCE14}) (Version: 3.0.2 - Music Weapons)
DVD Architect Pro 6.0 (HKLM-x32\...\{E0E531A2-17C1-11E2-984D-1040F3E7010F}) (Version: 6.0.237 - Sony)
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.00.0002 - GIGABYTE)
EasyTune (x32 Version: 1.00.0002 - GIGABYTE) Hidden
Elevated Installer (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: - Steinberg Media Technologies GmbH)
EPSON Artisan 710 Series Printer Uninstall (HKLM\...\EPSON Artisan 710 Series) (Version: - SEIKO EPSON Corporation)
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet Setup (HKLM-x32\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION)
EWQL Symphonic Choirs (HKLM\...\{BFDBD40C-F650-4847-8EE4-7E083DF4577D}) (Version: 1.2.0 - EastWest Sounds, Inc.)
EZSetup B14.0709.1 (HKLM-x32\...\InstallShield_{9EAB60B6-70FE-4EC7-8DF4-54773E4EAC05}) (Version: 1.00.0000 - GIGABYTE)
EZSetup B14.0709.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Fast Boot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.00.0000 - GIGABYTE)
Fast Boot (x32 Version: 1.00.0000 - GIGABYTE) Hidden
FileZilla Client 3.10.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.0.2 - Tim Kosse)
Focusrite Scarlett Family Audio Driver 3.1.10 (HKLM\...\Focusrite Scarlett Family Audio Driver_is1) (Version: 3.1.10 - Focusrite Audio Engineering Limited.)
Garmin Express (HKLM-x32\...\{714dc1e5-69a4-4ecd-9552-93397e084298}) (Version: 3.2.29.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Drive (HKLM-x32\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
IK Multimedia Authorization Manager version 1.0.11 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.11 - IK Multimedia)
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Intel(R) Chipset Device Software (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1048 - Intel Corporation)
Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation)
iZotope BreakTweaker (HKLM-x32\...\iZotope BreakTweaker_is1) (Version: 1.01 - iZotope, Inc.)
iZotope BreakTweaker Factory Content (HKLM-x32\...\iZotope BreakTweaker Factory Content_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Nectar Elements (HKLM-x32\...\iZotope Nectar Elements_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Ozone 5 (HKLM-x32\...\iZotope Ozone 5_is1) (Version: 5.05 - iZotope, Inc.)
iZotope Ozone 6 (HKLM-x32\...\iZotope Ozone 6_is1) (Version: 6.01 - iZotope, Inc.)
iZotope Ozone 6 Advanced (HKLM-x32\...\iZotope Ozone 6 Advanced_is1) (Version: 6.01 - iZotope, Inc.)
iZotope Stutter Edit (HKLM-x32\...\iZotope Stutter Edit_is1) (Version: 1.05 - iZotope, Inc.)
iZotope Trash 2 (HKLM-x32\...\iZotope Trash 2_is1) (Version: 2.03 - iZotope, Inc.)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Melodyne Runtime 4.1 (x64) (HKLM\...\{53EE2829-E9DB-4913-B3EA-96F10F84E98B}) (Version: 1.0.1 - Celemony Software GmbH)
Melodyne singletrack (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 2.01.0202 - Celemony Software GmbH)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{D553E8CC-5C56-4B06-AC1A-A443DFF31092}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
NationWide_Disc Master Uploader App (HKLM-x32\...\NationWide_Disc Master Uploader App) (Version: - Sonoris Audio Engineering)
Native Instruments Abbey Road 60s Drummer (HKLM-x32\...\Native Instruments Abbey Road 60s Drummer) (Version: 1.3.0.11 - Native Instruments)
Native Instruments Abbey Road 70s Drummer (HKLM-x32\...\Native Instruments Abbey Road 70s Drummer) (Version: 1.3.0.7 - Native Instruments)
Native Instruments Abbey Road 80s Drummer (HKLM-x32\...\Native Instruments Abbey Road 80s Drummer) (Version: 1.3.0.4 - Native Instruments)
Native Instruments Abbey Road Modern Drummer (HKLM-x32\...\Native Instruments Abbey Road Modern Drummer) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Abbey Road Vintage Drummer (HKLM-x32\...\Native Instruments Abbey Road Vintage Drummer) (Version: 1.3.0.9 - Native Instruments)
Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version: 5.2.1.1307 - Native Instruments)
Native Instruments Action Strings (HKLM-x32\...\Native Instruments Action Strings) (Version: - Native Instruments)
Native Instruments Alicias Keys (HKLM-x32\...\Native Instruments Alicias Keys) (Version: 1.5.0.1 - Native Instruments)
Native Instruments Balinese Gamelan (HKLM-x32\...\Native Instruments Balinese Gamelan) (Version: 1.2.0.5 - Native Instruments)
Native Instruments Battery 4 (HKLM-x32\...\Native Instruments Battery 4) (Version: 4.1.4.126 - Native Instruments)
Native Instruments Battery 4 Factory Library (HKLM-x32\...\Native Instruments Battery 4 Factory Library) (Version: 1.0.1.003 - Native Instruments)
Native Instruments Berlin Concert Grand (HKLM-x32\...\Native Instruments Berlin Concert Grand) (Version: - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.7.4.199 - Native Instruments)
Native Instruments Cuba (HKLM-x32\...\Native Instruments Cuba) (Version: 1.2.0.1 - Native Instruments)
Native Instruments Damage (HKLM-x32\...\Native Instruments Damage) (Version: 1.4.0.9 - Native Instruments)
Native Instruments Driver (HKLM-x32\...\Native Instruments Driver) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Enhanced EQ (HKLM-x32\...\Native Instruments Enhanced EQ) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Evolve Mutations (HKLM-x32\...\Native Instruments Evolve Mutations) (Version: - Native Instruments)
Native Instruments Evolve Mutations 2 (HKLM-x32\...\Native Instruments Evolve Mutations 2) (Version: - Native Instruments)
Native Instruments Evolve R2 (HKLM-x32\...\Native Instruments Evolve R2) (Version: 1.6.0.2 - Native Instruments)
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: 1.3.2.1362 - Native Instruments)
Native Instruments George Duke Soul Treasures (HKLM-x32\...\Native Instruments George Duke Soul Treasures) (Version: 1.3.0.15 - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.0.2770 - Native Instruments)
Native Instruments Guitar Rig Mobile IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Mobile IO Driver) (Version: - Native Instruments)
Native Instruments Guitar Rig Pro Library for Maschine (HKLM-x32\...\Native Instruments Guitar Rig Pro Library for Maschine) (Version: - Native Instruments)
Native Instruments Guitar Rig Session IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Session IO Driver) (Version: - Native Instruments)
Native Instruments Komplete 9 Ultimate (HKLM-x32\...\Native Instruments Komplete 9 Ultimate) (Version: - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.4.2.245 - Native Instruments)
Native Instruments Kontakt Factory Library (HKLM-x32\...\Native Instruments Kontakt Factory Library) (Version: 1.1.0.6 - Native Instruments)
Native Instruments Kore Player (HKLM-x32\...\Native Instruments Kore Player) (Version: - Native Instruments)
Native Instruments Maschine Drum Selection (HKLM-x32\...\Native Instruments Maschine Drum Selection) (Version: - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.4.2.419 - Native Instruments)
Native Instruments Monark (HKLM-x32\...\Native Instruments Monark) (Version: 1.3.0.2 - Native Instruments)
Native Instruments New York Concert Grand (HKLM-x32\...\Native Instruments New York Concert Grand) (Version: - Native Instruments)
Native Instruments Paranormal Spectrums (HKLM-x32\...\Native Instruments Paranormal Spectrums) (Version: - Native Instruments)
Native Instruments Passive EQ (HKLM-x32\...\Native Instruments Passive EQ) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Rammfire (HKLM-x32\...\Native Instruments Rammfire) (Version: 2.0.0.4 - Native Instruments)
Native Instruments Rammfire for Maschine (HKLM-x32\...\Native Instruments Rammfire for Maschine) (Version: - Native Instruments)
Native Instruments Razor (HKLM-x32\...\Native Instruments Razor) (Version: 1.7.0.1 - Native Instruments)
Native Instruments RC 24 (HKLM-x32\...\Native Instruments RC 24) (Version: 1.1.1.427 - Native Instruments)
Native Instruments RC 48 (HKLM-x32\...\Native Instruments RC 48) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.2.1074 - Native Instruments)
Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version: 1.6.0.1 - Native Instruments)
Native Instruments Reaktor Spark R2 (HKLM-x32\...\Native Instruments Reaktor Spark R2) (Version: 1.4.0.3 - Native Instruments)
Native Instruments Reflektor (HKLM-x32\...\Native Instruments Reflektor) (Version: 2.0.0.1 - Native Instruments)
Native Instruments Reflektor for Maschine (HKLM-x32\...\Native Instruments Reflektor for Maschine) (Version: - Native Instruments)
Native Instruments Replika (HKLM-x32\...\Native Instruments Replika) (Version: 1.2.0.699 - Native Instruments)
Native Instruments Retro Machines Mk2 (HKLM-x32\...\Native Instruments Retro Machines Mk2) (Version: 1.3.0.3 - Native Instruments)
Native Instruments Rig Kontrol 3 Driver (HKLM-x32\...\Native Instruments Rig Kontrol 3 Driver) (Version: - Native Instruments)
Native Instruments Rise and Hit (HKLM-x32\...\Native Instruments Rise and Hit) (Version: 1.0.0.8 - Native Instruments)
Native Instruments Scarbee Funk Guitarist (HKLM-x32\...\Native Instruments Scarbee Funk Guitarist) (Version: - Native Instruments)
Native Instruments Scarbee Jay-Bass (HKLM-x32\...\Native Instruments Scarbee Jay-Bass) (Version: - Native Instruments)
Native Instruments Scarbee MM-Bass (HKLM-x32\...\Native Instruments Scarbee MM-Bass) (Version: - Native Instruments)
Native Instruments Scarbee MM-Bass Amped (HKLM-x32\...\Native Instruments Scarbee MM-Bass Amped) (Version: - Native Instruments)
Native Instruments Scarbee Pre-Bass (HKLM-x32\...\Native Instruments Scarbee Pre-Bass) (Version: - Native Instruments)
Native Instruments Scarbee Pre-Bass Amped (HKLM-x32\...\Native Instruments Scarbee Pre-Bass Amped) (Version: - Native Instruments)
Native Instruments Scarbee Rickenbacker Bass (HKLM-x32\...\Native Instruments Scarbee Rickenbacker Bass) (Version: 1.2.0.2 - Native Instruments)
Native Instruments Scarbee Vintage Keys (HKLM-x32\...\Native Instruments Scarbee Vintage Keys) (Version: - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.4.0.1093 - Native Instruments)
Native Instruments Session Horns (HKLM-x32\...\Native Instruments Session Horns) (Version: 1.1.0.2 - Native Instruments)
Native Instruments Session Strings Pro (HKLM-x32\...\Native Instruments Session Strings Pro) (Version: 1.3.0.1 - Native Instruments)
Native Instruments Skanner (HKLM-x32\...\Native Instruments Skanner) (Version: 1.1.0.2 - Native Instruments)
Native Instruments Skanner XT (HKLM-x32\...\Native Instruments Skanner XT) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Solid Bus Comp FX (HKLM-x32\...\Native Instruments Solid Bus Comp FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Solid Dynamics FX (HKLM-x32\...\Native Instruments Solid Dynamics FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Solid EQ FX (HKLM-x32\...\Native Instruments Solid EQ FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Sonic Fiction (HKLM-x32\...\Native Instruments Sonic Fiction) (Version: - Native Instruments)
Native Instruments Studio Drummer (HKLM-x32\...\Native Instruments Studio Drummer) (Version: 1.4.0.12 - Native Instruments)
Native Instruments Supercharger (HKLM-x32\...\Native Instruments Supercharger) (Version: 1.1.0.418 - Native Instruments)
Native Instruments The Finger R2 (HKLM-x32\...\Native Instruments The Finger R2) (Version: 1.3.0.2 - Native Instruments)
Native Instruments The Giant (HKLM-x32\...\Native Instruments The Giant) (Version: 1.2.0.7 - Native Instruments)
Native Instruments The Mouth (HKLM-x32\...\Native Instruments The Mouth) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Traktors 12 (HKLM-x32\...\Native Instruments Traktors 12) (Version: 2.0.0.2 - Native Instruments)
Native Instruments Traktors 12 for Maschine (HKLM-x32\...\Native Instruments Traktors 12 for Maschine) (Version: - Native Instruments)
Native Instruments Transient Master FX (HKLM-x32\...\Native Instruments Transient Master FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments True Strike Tension (HKLM-x32\...\Native Instruments True Strike Tension) (Version: - )
Native Instruments Upright Piano (HKLM-x32\...\Native Instruments Upright Piano) (Version: - Native Instruments)
Native Instruments Urban Arsenal (HKLM-x32\...\Native Instruments Urban Arsenal) (Version: - )
Native Instruments Vari Comp (HKLM-x32\...\Native Instruments Vari Comp) (Version: 1.1.1.427 - Native Instruments)
Native Instruments VC 160 FX (HKLM-x32\...\Native Instruments VC 160 FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments VC 2A FX (HKLM-x32\...\Native Instruments VC 2A FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments VC 76 FX (HKLM-x32\...\Native Instruments VC 76 FX) (Version: 1.1.1.427 - Native Instruments)
Native Instruments Vienna Concert Grand (HKLM-x32\...\Native Instruments Vienna Concert Grand) (Version: - Native Instruments)
Native Instruments Vintage Organs (HKLM-x32\...\Native Instruments Vintage Organs) (Version: 1.4.0.5 - Native Instruments)
Native Instruments West Africa (HKLM-x32\...\Native Instruments West Africa) (Version: 1.3.0.2 - Native Instruments)
NewBlue Video Essentials VI for Windows (HKLM-x32\...\NewBlue Video Essentials VI for Windows) (Version: 3.0 - NewBlue)
Nitro Pro 9 (HKLM-x32\...\{1e46fa9b-e926-4d41-a4f6-646a3eb9c438}) (Version: 9.0.5.9 - Nitro)
Nitro Pro 9 (Version: 9.0.5.9 - Nitro) Hidden
Nori Ubukata's 'Sounds of the World' Expansion for SynthMaster 2.5 version 1.0 (HKLM-x32\...\{8177CF9F-5D50-4175-964B-0A3A0AEFCF97}_is1) (Version: 1.0 - KV331 Audio)
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.5.0812 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (Version: 2.4.5.0812 - PACE Anti-Piracy, Inc.) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Play Update 4.2.2 (HKLM\...\{D5A16FC4-9409-4289-921B-E79FBC5E17DB}) (Version: 4.2.2 - EastWest Sounds, Inc)
Poetic Guitar II (HKLM-x32\...\Poetic Guitar II) (Version: 1.0 - Times Concept)
Poetic Guitar II (Version: 1.0 - Times Concept) Hidden
ProjectSAM Downloader (HKLM-x32\...\{46190964-88DD-E51B-72F6-1369F544E70F}) (Version: 4.1 - ProjectSAM)
QL Goliath (HKLM\...\{3F91D767-0BCA-4FCD-8092-E18D5B73602B}) (Version: 1.0.046 - EastWest Sounds, Inc.)
QL Pianos Gold (HKLM\...\{166E363B-435D-4EBB-8243-8FAE51D93D1C}) (Version: 1.2.3 - EastWest Sounds, Inc.)
QL Ra (HKLM\...\{049104BA-45D1-4478-ADF9-28849D73B2A9}) (Version: 1.1.13 - EastWest Sounds, Inc.)
QL Silk (HKLM\...\{433BD3CD-9BEF-40DA-A8A7-6225F2CA4661}) (Version: 1.1.13 - EastWest Sounds, Inc.)
QL Stormdrum 2 (HKLM\...\{E6430723-966F-4BB5-AD6A-6FFC5EDA8617}) (Version: 1.0.056 - EastWest Sounds, Inc.)
QL Voices of Passion (HKLM\...\{3AA35C1A-A4D5-43A2-A3C0-6632A4AF9557}) (Version: 1.2.3 - EastWest Sounds, Inc.)
QL Voices of Passion Sample Library Updater (HKLM-x32\...\{397EC4BB-0919-42CA-A80F-899FBE9ABA00}) (Version: 1.0.005 - EastWest Sounds, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Rapture 1.2.2 (HKLM-x32\...\Rapture_x64_is1) (Version: 18.0 - Cakewalk Music Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7266 - Realtek Semiconductor Corp.)
reFX Nexus 2.6.5 (64-bit) (HKLM-x32\...\{84D04D4F-2201-4AED-BE9A-FFA62069CA19}_is1) (Version: 2.6.5 - reFX Audio Software Inc.)
reFX Slayer 2.6.1 (HKLM-x32\...\reFX Slayer 2.6.1_is1) (Version: - )
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
SampleTank 3 version 3.3.0 (HKLM\...\{4A5CE684-33A5-4EE6-AB22-4B92D92D37D8}_is1) (Version: 3.3.0 - IK Multimedia)
Sandboxie 4.16 (64-bit) (HKLM\...\Sandboxie) (Version: 4.16 - Sandboxie Holdings, LLC)
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version: - Seagate Technology)
Smart Recovery 2 B14.0521.1 (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 1.00.0001 - GIGABYTE)
Smart TimeLock B14.0731.1 (HKLM-x32\...\InstallShield_{5D93E30A-78A3-4890-962F-56B61A5873DD}) (Version: 1.00.0001 - GIGABYTE)
Smart TimeLock B14.0731.1 (x32 Version: 1.00.0001 - GIGABYTE) Hidden
SONAR X3 Producer (x64) (HKLM-x32\...\SONARX3Producer_x64_is1) (Version: 20.0 - Cakewalk Music Software)
Speccy (HKLM\...\Speccy) (Version: 1.27 - Piriform)
Spire Plug-In (x64) (HKLM\...\{CEB34E00-91F6-406B-A211-F0904D117375}) (Version: 1.0.7.0 - Reveal Sound Ltd.)
Spitfire Audio Library Manager (HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\c1cc23f14724b4e8) (Version: 1.0.4.25 - Spitfire Audio LLP)
Spotify (HKU\S-1-5-21-866153256-604687578-3467628321-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Stutter Edit Expansion 1 (HKLM-x32\...\Stutter Edit Expansion 1_is1) (Version: 1.00 - iZotope, Inc.)
Stutter Edit Expansion 2 (HKLM-x32\...\Stutter Edit Expansion 2_is1) (Version: 1.00 - iZotope, Inc.)
Superior Drummer 64-bit (HKLM\...\{0E54CF79-AE40-409E-9253-9563418C730C}) (Version: 2.4.1 - Toontrack)
Superior Drummer 64-bit (HKLM\...\{22029AEE-38DF-4E35-AEF4-FE8CA3F6667F}) (Version: 2.3.1 - Toontrack)
SynthMaster 2.6 VST/VSTi/RTAS/AAX (x64) Software Synthesizer version 2.6.21 (HKLM\...\{724D6BD0-88D0-4354-A124-6EE4D36E9EF2}_is1) (Version: 2.6.21 - KV331 Audio)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Thunderbolt(TM) Software (HKLM\...\{A1E0CC92-937C-4D22-8F42-C5BE96F35AC0}) (Version: 1.4.0.1 - Intel(R) Corporation)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D264BD11-6A9B-11E4-A4F7-F04DA23A5C58}) (Version: 13.0.428 - Sony)
Waves Complete V9r26 (HKLM-x32\...\{93000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.3.26 - Waves)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WordBuilder PLAY 64 Bit (HKLM\...\{478B410C-8A25-40E9-977D-4D582AB41788}) (Version: 1.0.0 - EastWest Sounds, Inc.)
XLN Online Installer (HKLM\...\XLN Online Installer Inno Setup ID_is1) (Version: - )
Z3TA+ 2 (x64) (HKLM-x32\...\Z3TA+ 2_x64_is1) (Version: 2.1 - Cakewalk Music Software)
Zero-G Phaedra (HKLM-x32\...\Zero-G Phaedra) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-866153256-604687578-3467628321-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-866153256-604687578-3467628321-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-866153256-604687578-3467628321-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-866153256-604687578-3467628321-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-866153256-604687578-3467628321-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-866153256-604687578-3467628321-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-866153256-604687578-3467628321-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-866153256-604687578-3467628321-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-866153256-604687578-3467628321-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-866153256-604687578-3467628321-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
28-04-2015 10:24:02 Windows Update
28-04-2015 16:56:40 Windows Update
28-04-2015 17:16:44 Windows Backup
29-04-2015 14:42:50 Installed Thunderbolt(TM) Software
29-04-2015 14:46:08 Windows Backup
29-04-2015 15:00:22 Windows Backup
01-05-2015 18:16:19 Windows Update
01-05-2015 18:18:49 Windows Update
01-05-2015 20:08:21 Configured Waves Complete V9r26
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:34 - 2015-04-01 08:05 - 00450771 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {109CF5BB-1797-4957-9ABD-BE23FBD5E272} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-18] (Google Inc.)
Task: {15153818-A988-4A7C-9916-9A7AE52B0628} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-28] (Adobe Systems Incorporated)
Task: {1D53EF8B-2274-4A97-B87A-D949702BA0A6} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2015-01-28] ()
Task: {2E88A08E-CFB4-45AA-856E-56EC25F8F766} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {2EFE7F23-DE68-4261-A79C-6E3E43C2E6E7} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {418C60A2-C2E4-47CA-9447-C1581A9DD6D1} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {48A48A81-3878-4C23-8505-2758EC4088DE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {529CEF99-3B89-49EE-B1B1-FC0D3D14B525} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {628FC942-C428-4871-B4F0-0ED764CD757B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {871EE1F8-4867-4B8A-9AB8-D32D11342AA6} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {A31D5CC1-726D-4140-BE9F-98259D3A0452} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {BD7600DD-F8E4-478C-A848-ED996512B7F9} - System32\Tasks\AdobeAAMUpdater-1.0-DAVIDROSENSTUDI-PCAudioLabs DAW => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {F404D59D-408D-40EC-89DA-AA8E1C18B7AA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-18] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2014-04-16 17:09 - 2014-04-16 17:09 - 00016384 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
2014-12-08 03:10 - 2014-12-08 03:10 - 00102176 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-01-18 18:35 - 2015-01-18 18:35 - 00008704 _____ () C:\Windows\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll
2015-01-06 06:18 - 2015-01-06 06:18 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll
2014-01-21 14:36 - 2014-01-21 14:36 - 00015872 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteControl\grckm.exe
2014-02-26 20:22 - 2014-02-26 20:22 - 00107008 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\ubssrv_oc_only.exe
2015-04-28 15:54 - 2015-04-27 16:59 - 01633608 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-04-28 15:54 - 2015-04-27 16:59 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
2015-04-28 15:54 - 2015-04-27 16:59 - 26783560 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll
2014-11-20 09:12 - 2014-11-20 09:12 - 00013312 _____ () C:\Program Files (x86)\CrashPlan\md5.dll
2014-11-20 09:14 - 2014-11-20 09:14 - 00200472 _____ () C:\Program Files (x86)\CrashPlan\cpnative.dll
2012-11-27 09:03 - 2012-11-27 09:03 - 00102400 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ycc.DLL
2015-03-08 16:49 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-03-08 16:49 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-03-08 16:49 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-03-08 16:49 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-03-08 16:49 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-01-21 09:57 - 2009-03-12 16:45 - 00135168 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2015-01-21 09:57 - 2008-11-21 14:58 - 00057344 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2015-05-02 11:16 - 2015-05-02 11:16 - 00043008 _____ () c:\Users\PCAudioLabs DAW\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmm_txx.dll
2015-04-02 00:11 - 2015-04-02 00:11 - 00750080 _____ () C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-04-02 00:11 - 2015-04-02 00:11 - 00047616 _____ () C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-04-02 00:11 - 2015-04-02 00:11 - 00865280 _____ () C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-04-02 00:11 - 2015-04-02 00:11 - 00200704 _____ () C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-03-25 14:14 - 2014-03-25 14:14 - 00105984 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\ycc.dll
2014-07-09 14:15 - 2014-07-09 14:15 - 00311296 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\MFCCPU.dll
2014-06-17 21:24 - 2014-06-17 21:24 - 00208896 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\MFCSPD.dll
2014-07-31 12:51 - 2014-07-31 12:51 - 01607680 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\BDR_info.dll
2009-07-13 14:03 - 2009-07-13 18:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2014-06-24 17:08 - 2014-06-24 17:08 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\Microsoft:6k1VkAEgpGeIKqk0jvWeQ4og
AlternateDataStreams: C:\ProgramData\Microsoft:aQcrnlbhVy7sNwglE6AGN
AlternateDataStreams: C:\ProgramData\Microsoft:cgqO7pJgXsqTojdXVMIV7xWOO1
AlternateDataStreams: C:\ProgramData\Microsoft:T7ZsCSn3BZbtfDfECWd
AlternateDataStreams: C:\Users\PCAudioLabs DAW\Cookies:hJ9kGNsqmERXT3KtrAMtWm
AlternateDataStreams: C:\Users\PCAudioLabs DAW\Local Settings:2L8QbVmKqoBZ7dtaIJJKTh6NUR29
AlternateDataStreams: C:\Users\PCAudioLabs DAW\Local Settings:rdQ9yc47ZcYyQBPpo19YgOeb
AlternateDataStreams: C:\Users\PCAudioLabs DAW\AppData\Local:2L8QbVmKqoBZ7dtaIJJKTh6NUR29
AlternateDataStreams: C:\Users\PCAudioLabs DAW\AppData\Local:rdQ9yc47ZcYyQBPpo19YgOeb
AlternateDataStreams: C:\Users\PCAudioLabs DAW\AppData\Local\Application Data:2L8QbVmKqoBZ7dtaIJJKTh6NUR29
AlternateDataStreams: C:\Users\PCAudioLabs DAW\AppData\Local\Application Data:rdQ9yc47ZcYyQBPpo19YgOeb
AlternateDataStreams: C:\Users\PCAudioLabs DAW\AppData\Local\Temp:9cmoxKfeYGLPTiDRlE4Ki6C7
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7866 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-866153256-604687578-3467628321-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PCAudioLabs DAW\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{BAAD85C2-19EF-4F77-868B-B908266A75B1}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{27C6C995-B820-4CC2-8DDB-9C95B6D01D59}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{0EC0CCD2-DDC1-4E02-91B1-13AAD18BFE8F}] => (Allow) C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{97DDABED-74A3-4ED0-BBFD-C7D25B1CBFAA}] => (Allow) C:\Users\PCAudioLabs DAW\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{ACDC99BB-9482-451B-897F-D28C09BC1172}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F4B75D5C-A006-4955-814F-3835AB976FFB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E7D6EC6F-2517-4EBE-9C03-17AC0E7B5557}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1F06EC03-C06C-4DFC-9D7E-B1CBB84F1830}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{70AE04EA-190E-48F9-BD2F-A92DE4BD1DC0}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\flashbios.exe
FirewallRules: [UDP Query User{D7842291-75FA-4083-AF80-23EF8764C4B7}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\flashbios.exe
FirewallRules: [{E4BFD02A-363E-4CA3-89CD-CF67537DA54B}] => (Allow) C:\Program Files (x86)\CrashPlan\CrashPlanService.exe
FirewallRules: [{7E419ABF-B0AB-436D-BAB0-02C16D314EEB}] => (Allow) C:\Program Files (x86)\CrashPlan\CrashPlanService.exe
FirewallRules: [{0073C4D9-79AB-4217-8D47-BE9B9E795F32}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E9A8E273-CD20-47B2-B948-85834D6A73CE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B3C4DB58-3932-475B-BDED-8D72656706F3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{574F3F43-B693-420B-83C7-11F9D8F096D8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{E7E8DC1F-D7B3-42E7-ADE7-6322C08DB409}C:\program files\cakewalk\sonar x3 producer\sonarpdr.exe] => (Allow) C:\program files\cakewalk\sonar x3 producer\sonarpdr.exe
FirewallRules: [UDP Query User{C0D3ED47-148D-4449-99A9-5EDA6C42B24C}C:\program files\cakewalk\sonar x3 producer\sonarpdr.exe] => (Allow) C:\program files\cakewalk\sonar x3 producer\sonarpdr.exe
FirewallRules: [{C064DA09-8FC2-4732-86C2-53DCFFBD79F3}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe
FirewallRules: [{ECCC9A0E-12DF-4EBB-9DDD-63588DAB3F90}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe
FirewallRules: [TCP Query User{1180DAB5-4944-4FFE-A597-AE3D9586629B}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{257D06AD-D6B4-4446-A936-EE98CE67B338}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{9F47150D-FD81-454C-AA7C-4EB232CD7089}C:\program files\cakewalk\shared utilities\vstscan.exe] => (Allow) C:\program files\cakewalk\shared utilities\vstscan.exe
FirewallRules: [UDP Query User{0000C3CE-9268-460A-8110-DACD8604028E}C:\program files\cakewalk\shared utilities\vstscan.exe] => (Allow) C:\program files\cakewalk\shared utilities\vstscan.exe
FirewallRules: [TCP Query User{14B4C47E-6C38-4E31-992D-975466015B11}C:\program files\cakewalk\sonar platinum\sonarplt.exe] => (Allow) C:\program files\cakewalk\sonar platinum\sonarplt.exe
FirewallRules: [UDP Query User{AD814D75-11BE-4928-B51F-6BE40471F3DF}C:\program files\cakewalk\sonar platinum\sonarplt.exe] => (Allow) C:\program files\cakewalk\sonar platinum\sonarplt.exe
FirewallRules: [TCP Query User{1DB29FB0-3ECE-4020-A047-DD244540907A}C:\users\pcaudiolabs daw\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\pcaudiolabs daw\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{51454364-DA2D-4C38-8D8A-C5933721351F}C:\users\pcaudiolabs daw\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\pcaudiolabs daw\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{0EA67431-F7CA-48BB-B4F7-B54BDE1ED9B0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FA7A5811-225A-4CD2-9718-1CE099DA2271}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\HomeCloud\HCLOUD.exe
FirewallRules: [{9D23BE71-0773-4484-A7A0-E32DE85C5FFE}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\ubssrv_oc_only.exe
FirewallRules: [{A6CF28BA-EF03-4A62-B27D-F5910FB51B5C}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\RemoteControl\grckm.exe
FirewallRules: [{8266FDEA-F451-4F9C-99B9-C3E3B6883637}] => (Allow) LPort=1980
FirewallRules: [{387D336F-44C2-4BBD-9A53-6ECFE2E1FB97}] => (Allow) LPort=1900
FirewallRules: [{501E0706-78CA-4546-95F2-E274BE63D21B}] => (Allow) LPort=1900
FirewallRules: [{E7955A66-AE1A-436F-8811-10DE86183D18}] => (Allow) LPort=8367
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/02/2015 04:32:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
System errors:
=============
Error: (05/02/2015 11:16:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Garmin Core Update Service service failed to start due to the following error:
%%1053
Error: (05/02/2015 11:16:15 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.
Error: (05/02/2015 11:16:13 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000d1 (0x00000000000001f0, 0x0000000000000002, 0x0000000000000000, 0xfffff88006eb212f)C:\Windows\Minidump\050215-21044-01.dmp050215-21044-01
Error: (05/02/2015 11:16:12 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:10:21 AM on 5/2/2015 was unexpected.
Error: (05/01/2015 09:35:34 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue169.254.227.208:8367
Error: (05/01/2015 09:35:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Garmin Core Update Service service failed to start due to the following error:
%%1053
Error: (05/01/2015 09:35:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.
Error: (05/01/2015 08:57:32 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue169.254.227.208:8367
Error: (05/01/2015 08:57:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Garmin Core Update Service service failed to start due to the following error:
%%1053
Error: (05/01/2015 08:57:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.
Microsoft Office Sessions:
=========================
Error: (05/02/2015 04:32:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
Error: (05/02/2015 04:19:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service David\032Rosen\032Studio\032PC._omni-live._tcp.local. port 1582.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-5820K CPU @ 3.30GHz
Percentage of memory in use: 21%
Total physical RAM: 32593.86 MB
Available physical RAM: 25610.52 MB
Total Pagefile: 33616.05 MB
Available Pagefile: 25127.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:111.79 GB) (Free:11.36 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Samples) (Fixed) (Total:953.87 GB) (Free:207.17 GB) NTFS
Drive f: (Projects) (Fixed) (Total:1863.01 GB) (Free:747.51 GB) NTFS
Drive h: (David Backup Drive) (Fixed) (Total:1862.98 GB) (Free:236.08 GB) NTFS
Drive i: (Glyph1 Samples Drive) (Fixed) (Total:1863.01 GB) (Free:1132.59 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: C68D6B8C)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 41BB49C5)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 953.9 GB) (Disk ID: 41BB49C4)
Partition 1: (Not Active) - (Size=953.9 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: DB558E4E)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0005F107)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End Of Log ============================
# AdwCleaner v4.203 - Logfile created 02/05/2015 at 17:47:31
# Updated 30/04/2015 by Xplode
# Database : 2015-05-02.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : PCAudioLabs DAW - DAVIDROSENSTUDI
# Running from : C:\Users\PCAudioLabs DAW\Desktop\adwcleaner_4.203.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\PCAudioLabs DAW\AppData\Local\PackageAware
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Google Chrome v42.0.2311.135
*************************
AdwCleaner[R0].txt - [952 bytes] - [02/05/2015 17:46:25]
AdwCleaner[S0].txt - [882 bytes] - [02/05/2015 17:47:31]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [940 bytes] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.7 (04.30.2015:1)
OS: Windows 7 Professional x64
Ran by PCAudioLabs DAW on Sat 05/02/2015 at 17:50:37.52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 05/02/2015 at 17:52:01.00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bydavidrosen
2015-05-03, 03:05
OK and here's the Malwarebytes Results:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 5/2/2015
Scan Time: 5:57:30 PM
Logfile:
Administrator: Yes
Version: 2.01.6.1022
Malware Database: v2015.05.03.01
Rootkit Database: v2015.04.21.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: PCAudioLabs DAW
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 450682
Time Elapsed: 6 min, 18 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
Not much removed at all
Lets try setting Chrome back to default
Click the Chrome menu http://i24.photobucket.com/albums/c30/ken545/Clipboard01_zps2e55f676.jpgon the browser toolbar.
Select Settings.
Scroll down to Show advanced settings...
Down on the bottom you will see an option for RESET BROWSER SETTINGS
Click on it and it will set Chome back to defaults
Let me know if it helped
bydavidrosen
2015-05-03, 04:52
I've done that before in the past, and it always seems like it's going to work, but then within hours or days I get pop ups again. And keep in mind these popups are totally intermittent. I might not see them for days at a time, as long as a week maybe. But they always end up coming back... I'll try it again tomorrow (after having done all this other stuff) and kinda just see how long I go before it happens again. Thanks for your help.
BTW, I have 5 computers total that I use on a regular basis (2 are my parents, 2 are mine, and 1 laptop). One of my other computers (one at work) has been having similar popups, so I'm going to probably try running all this stuff from that one too next week when I'm back at the store. If I run into anything I'll definitely be back on here to let you know :-)
Thanks again. I'll let you know if I start having the issue again.
If you look on the latest FRST log under Chrome, you have a ton of extensions, one of those may be the culprit
Lets do a few things
Click the Chrome menu http://i24.photobucket.com/albums/c30/ken545/Clipboard01_zps2e55f676.jpgon the browser toolbar.
Click on Settings
Open a specific page or set of pages.
Set Pages
Remove Any you dont want
You can copy and paste the url from a page you like or if you have that page open select use current
OK your way out and close chome.
Reopen Chrome and make sure your start page is the one you want
Open Chrome
Click the Chrome menu http://i24.photobucket.com/albums/c30/ken545/Clipboard01_zps2e55f676.jpgon the browser toolbar.
Click on History
Click on Clear Browsing History
Check
1. Browsing History
2. Cookies and Site Plug Ins
3. Cached Images and Files
Then ok your way out and close Chrome
Click the Chrome menu http://i24.photobucket.com/albums/c30/ken545/Clipboard01_zps2e55f676.jpgon the browser toolbar.
Select Settings.
On the left pane click on Extensions
Remove the ones that you dont use or want.
Then disable them all and enable them one at a time until you find the culprit
Check back with me in a few days and let me know how it went, there are other tools we can run
bydavidrosen
2015-05-03, 16:03
Before I continue... Just wanted to let you know, I clicked on your message, not on the link, just in the page, so I could start using my mouse's scroll wheel to scroll down, and right when I clicked in the text area, a tab popped open, but I closed it before it got a chance to load. This is the link:
http://www.stamplive.com/lr.php?zoneid=9612&oaparams=9_zqxjzqx_bannerid=339464_zqxjzqx_zoneid=9612_zqxjzqx_OXLCA=1_zqxjzqx_cb=abb0c3aa25_zqxjzqx_s1=49402_127__zqxjzqx_oadest=http%3A%2F%2Ftah.trueharborjump.com%2F%3Fkw%3D9612%26s1%3D419258250.339464.abb0c3aa25.9612.28c455472e363dd33229742b4014876b%26s2%3Dpc
Don't know if that helps at all.
bydavidrosen
2015-05-03, 16:05
Before I continue... Just wanted to let you know, I clicked on your message, not on the link, just in the page, so I could start using my mouse's scroll wheel to scroll down, and right when I clicked in the text area, a tab popped open, but I closed it before it got a chance to load. This is the link:
http://www.stamplive.com/lr.php?zoneid=9612&oaparams=9_zqxjzqx_bannerid=339464_zqxjzqx_zoneid=9612_zqxjzqx_OXLCA=1_zqxjzqx_cb=abb0c3aa25_zqxjzqx_s1=49402_127__zqxjzqx_oadest=http%3A%2F%2Ftah.trueharborjump.com%2F%3Fkw%3D9612%26s1%3D419258250.339464.abb0c3aa25.9612.28c455472e363dd33229742b4014876b%26s2%3Dpc
Don't know if that helps at all.
And wanted to add, I just searched for this stamplive, and see that it is a common malware problem, but I don't know what site to go to that isn't itself malware, to find a solution, so I figure I'll wait for your response haha :-)
Thanks
bydavidrosen
2015-05-03, 16:18
WOW... Two things...
1) https://chrome.google.com/webstore/detail/chrome-notepad/ffbhefmlcoihbjcmibbfkocmnaiacinp/reviews?utm_source=chrome-app-launcher-info-dialog I just got this random feeling... I'm sure LOTS of people have Lastpass, have Any.Do, have Pocket, have Pushbullet, have Pinterest, etc, but probably not a lot of people have Chrome Notepad which is an extension I've had forever, but I certainly don't know anyone else with it... It's got a great overall rating, but check out the reviews. All the recent ones say it installs malware in recent updates! So I think I know what the culprit was maybe. I just removed it from Chrome.
2) I went to where you can manage your cookies and removed the cookies for that stamplive.com ... I hope that's OK. Probably should have waited on your suggestion for that one.
Stamplive is the culprit, does this happen with all three browsers or just chome ??
Internet Explorer
Open Internet Explorer
Click on Tools up on the top right
Click on Manage Add Ons from the dropdown list
In this window you can manage the Internet Explorer add-ons
Click on Search Providers
Click on the option Toolbars and Extensions on left side of the window.
Then click on the malicious items to remove Stamplive
Make Google you default
Close IE and then open it again and see if Stamplive are gone
Chrome
Open Chrome
Click the Chrome menu http://i24.photobucket.com/albums/c30/ken545/Clipboard01_zps2e55f676.jpgon the browser toolbar.
Click on Settings
Then Manage Search Engines
Highlight Stamplive and select Delete
Then go to Other Search Engines and remove all you dont want
Firefox
Open Firefox
Up on the Top Right in the Search Box , click on the down arrow and select Manage Search Engines
Highlight Stamplive and select Delete
bydavidrosen
2015-05-03, 17:04
IE:
The only thing I find is under Toolbars and Extensions are Smart.Recovery 2 and GBHO.BHO. I hit disable on them.
Chrome:
Stamplive was NOT in there (maybe because I already deleted cookies?). I'm surprised at the huge list of "other search engines" though... I could go through and delete them all... I just deleted a bunch of suspicious looking ones that aren't sites I regularly go to.
And I don't have Firefox.
OK, lets just hang on a day or so and see if it comes back
bydavidrosen
2015-05-03, 18:26
OK, lets just hang on a day or so and see if it comes back
Great, thank you again. I'll be in touch if I see some more pop-ups.
David