Solved Hi I am new to this.

[LovesHounds]

Hi, I am having a problem with a dllhost.exe (Not showing *32) Nothing seems to find it. I get multibles when I click on internet explorer which opens and closes right away. Any help would be greatly appreciated.

Here are copies of my files.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-05-2015
Ran by Sinnfamily (administrator) on SINNFAMILY-PC on 21-05-2015 20:36:36
Running from C:\Users\Sinnfamily\Downloads
Loaded Profiles: Sinnfamily & (Available profiles: Sinnfamily)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Users\Sinnfamily\AppData\Local\Google\Update\GoogleUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745232 2015-04-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-20] (Avast Software s.r.o.)
HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_Plugin.exe [927920 2015-04-15] (Adobe Systems Incorporated)
HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\RunOnce: [Adobe Speed Launcher] => 1432249471
HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2643768202-156854014-2583388340-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_Plugin.exe [927920 2015-04-15] (Adobe Systems Incorporated)
HKU\S-1-5-21-2643768202-156854014-2583388340-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Adobe Speed Launcher] => 1432249471
HKU\S-1-5-21-2643768202-156854014-2583388340-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2643768202-156854014-2583388340-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-20] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {1235B3BB-2B63-4F90-BA16-37F536739926} URL = http://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {BFE680F5-69D4-4A76-A974-C15503F8F00B} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {1235B3BB-2B63-4F90-BA16-37F536739926} URL = http://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {BFE680F5-69D4-4A76-A974-C15503F8F00B} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-20] (Avast Software s.r.o.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-20] (Avast Software s.r.o.)
BHO-x32: hpBHO Class -> {ABD3B5E1-B268-407B-A150-2641DAB8D898} -> C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll [2009-06-08] (AOL Products)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16] (Skype Technologies S.A.)
BHO-x32: Coupon Savings -> {C3F62D94-EEBB-11E1-B88F-CBBD4CC15727} -> C:\Program Files (x86)\Coupon Savings\toolbar.dll [2013-01-07] ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-27] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM-x32 - No Name - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - No File
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-2643768202-156854014-2583388340-1001 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-2643768202-156854014-2583388340-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-2643768202-156854014-2583388340-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-2643768202-156854014-2583388340-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-2643768202-156854014-2583388340-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-2643768202-156854014-2583388340-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {3107C2A8-9F0B-4404-A58B-21BD85268FBC} http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
DPF: HKLM-x32 {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.google.com/s/v/61.18/uploader2.cab
DPF: HKLM-x32 {49E67060-2C0D-415E-94C7-52A49F73B2F1} http://zone.msn.com/bingame/pppp/default/PiratePoppers.1.0.0.39.cab
DPF: HKLM-x32 {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} http://www.myheritage.com/Genoogle/Components/ActiveX/SearchEngineQuery.dll
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119b.cab
DPF: HKLM-x32 {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} http://zone.msn.com/bingame/chnz/default/mjolauncher.cab
DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: HKLM-x32 {9AA73F41-EC64-489E-9A73-9CD52E528BC4} http://zone.msn.com/binGame/ZAxRcMgr.cab
DPF: HKLM-x32 {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://zone.msn.com/BINGAME/POPCAPLOADER_V10.CAB
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://petsmartcharities.webex.com/client/T27LD/webex/ieatgpc1.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16] (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 173.225.144.10 173.225.144.70

FireFox:
========
FF ProfilePath: C:\Users\Sinnfamily\AppData\Roaming\Mozilla\Firefox\Profiles\4iuichbd.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage: https://www.facebook.com/?ref=logo
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2014-11-05] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2643768202-156854014-2583388340-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKU\S-1-5-21-2643768202-156854014-2583388340-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Sinnfamily\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2643768202-156854014-2583388340-1001: @talk.google.com/O1DPlugin -> C:\Users\Sinnfamily\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2643768202-156854014-2583388340-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Sinnfamily\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2643768202-156854014-2583388340-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Sinnfamily\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2643768202-156854014-2583388340-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKU\S-1-5-21-2643768202-156854014-2583388340-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/GoogleTalkPlugin -> C:\Users\Sinnfamily\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2643768202-156854014-2583388340-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/O1DPlugin -> C:\Users\Sinnfamily\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2643768202-156854014-2583388340-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\Sinnfamily\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2643768202-156854014-2583388340-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\Sinnfamily\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF user.js: detected! => C:\Users\Sinnfamily\AppData\Roaming\Mozilla\Firefox\Profiles\4iuichbd.default\user.js [2013-08-22]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2013-08-02] (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Sinnfamily\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Sinnfamily\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-08-22]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-20]

Chrome:
=======
CHR HomePage: Default -> hxxp://facebook.com/
CHR StartupUrls: Default -> ""
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\Sinnfamily\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Sinnfamily\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Sinnfamily\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Profile: C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-04]
CHR Extension: (No Name) - C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbgbcgglihpocekaopnclahmonoolicp [2013-08-22]
CHR Extension: (Google Search) - C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-04]
CHR Extension: (Bookmark Manager) - C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-20]
CHR Extension: (Avast Online Security) - C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-20]
CHR Extension: (RealDownloader) - C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-08-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-19]
CHR Extension: (Hangouts) - C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-08-08]
CHR Extension: (Google Wallet) - C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-20]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-20] (Avast Software s.r.o.)
S2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1517480 2015-04-15] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438032 2015-04-15] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)
R2 EFS; C:\Windows\SysWOW64\lsass.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
S3 KeyIso; C:\Windows\SysWOW64\lsass.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-05-18] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 Netlogon; C:\Windows\SysWOW64\lsass.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder)
R2 nvsvc; C:\Windows\SysWOW64\nvvsvc.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder)
S3 ProtectedStorage; C:\Windows\SysWOW64\lsass.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 SamSs; C:\Windows\SysWOW64\lsass.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 Spooler; C:\Windows\SysWOW64\spoolsv.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder)
S3 VaultSvc; C:\Windows\SysWOW64\lsass.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-20] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-20] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-20] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-20] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-20] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-20] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [67040 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [213984 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [344544 2015-03-11] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [137184 2015-04-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-04-07] (AVG Technologies CZ, s.r.o.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-06-22] ()
S1 qknfd; system32\drivers\qknfd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-21 20:36 - 2015-05-21 20:36 - 00026125 _____ () C:\Users\Sinnfamily\Downloads\FRST.txt
2015-05-21 20:35 - 2015-05-21 20:36 - 00000000 ____D () C:\FRST
2015-05-21 20:34 - 2015-05-21 20:34 - 02108416 _____ (Farbar) C:\Users\Sinnfamily\Downloads\FRST64.exe
2015-05-21 20:21 - 2015-05-21 20:22 - 00465432 _____ () C:\Users\Sinnfamily\Downloads\ESETPoweliksCleaner.exe_20150521.202107.4028.log
2015-05-21 20:21 - 2015-05-21 20:21 - 00000022 _____ () C:\Users\Sinnfamily\Downloads\ESETPoweliksCleaner.exe_20150521.202107.4028.zip
2015-05-21 20:19 - 2015-05-21 20:19 - 00221384 _____ (ESET) C:\Users\Sinnfamily\Downloads\ESETPoweliksCleaner.exe
2015-05-20 19:51 - 2015-05-20 19:52 - 00001484 _____ () C:\Windows\IE11_main.log
2015-05-20 19:51 - 2015-05-20 19:51 - 55915216 _____ (Microsoft Corporation) C:\Users\Sinnfamily\Downloads\IE11-Windows6.1-x64-en-us.exe
2015-05-20 18:27 - 2015-05-20 18:27 - 00000000 ____D () C:\Users\Sinnfamily\AppData\Roaming\AVAST Software
2015-05-20 18:26 - 2015-05-20 18:26 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-20 18:26 - 2015-05-20 18:26 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-20 18:26 - 2015-05-20 18:26 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-20 18:26 - 2015-05-20 18:26 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-20 18:26 - 2015-05-20 18:26 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-20 18:26 - 2015-05-20 18:26 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-20 18:26 - 2015-05-20 18:26 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-20 18:26 - 2015-05-20 18:26 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-20 18:26 - 2015-05-20 18:26 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-20 18:26 - 2015-05-20 18:26 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-20 18:26 - 2015-05-20 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-20 18:25 - 2015-05-20 18:25 - 00000000 ____D () C:\Program Files\AVAST Software
2015-05-20 18:24 - 2015-05-20 18:24 - 05481336 _____ (Avast Software s.r.o.) C:\Users\Sinnfamily\Downloads\avast_free_antivirus_setup_online_cnet.exe
2015-05-20 18:24 - 2015-05-20 18:24 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-20 16:54 - 2015-05-20 16:54 - 00347816 _____ (Microsoft Corporation) C:\Users\Sinnfamily\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.135558928799315.1.4.Run.exe
2015-05-20 16:43 - 2015-05-20 16:43 - 00347816 _____ (Microsoft Corporation) C:\Users\Sinnfamily\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.Run (2).exe
2015-05-20 16:38 - 2015-05-20 16:38 - 00347816 _____ (Microsoft Corporation) C:\Users\Sinnfamily\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.Run (1).exe
2015-05-20 16:34 - 2015-05-20 16:34 - 00039148 _____ () C:\Users\Sinnfamily\Downloads\ResultReport.html
2015-05-20 16:33 - 2015-05-20 16:44 - 00000000 ____D () C:\MATS
2015-05-20 16:32 - 2015-05-20 16:32 - 00347816 _____ (Microsoft Corporation) C:\Users\Sinnfamily\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.Run.exe
2015-05-20 15:52 - 2015-05-21 18:06 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-20 15:51 - 2015-05-20 16:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-20 15:51 - 2015-05-20 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-20 15:51 - 2015-05-20 15:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-20 15:51 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-20 15:51 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-20 15:51 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-20 15:50 - 2015-05-20 15:50 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Sinnfamily\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-20 10:40 - 2015-05-20 10:40 - 00073896 _____ () C:\Users\Sinnfamily\Downloads\[SURVEY PREVIEW MODE] Spring into Summer Feedback 2014 Survey Last years.htm
2015-05-20 10:32 - 2015-05-20 19:38 - 00079036 _____ () C:\Windows\PFRO.log
2015-05-20 10:32 - 2015-05-20 19:38 - 00000448 _____ () C:\Windows\setupact.log
2015-05-20 10:32 - 2015-05-20 10:32 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-20 09:46 - 2015-05-20 09:46 - 00003874 _____ () C:\Windows\System32\Tasks\Google Update
2015-05-20 09:46 - 2015-05-20 09:46 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager
2015-05-20 09:39 - 2015-05-20 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015
2015-05-20 09:37 - 2015-05-20 09:37 - 00000000 ____D () C:\Users\Sinnfamily\AppData\Local\Avg
2015-05-17 14:05 - 2015-05-21 06:17 - 00000000 ____D () C:\Users\Sinnfamily\Desktop\Tre shower
2015-05-17 12:27 - 2015-05-17 12:27 - 00403453 _____ () C:\Users\Sinnfamily\Documents\Tom Daddy game.ods
2015-05-17 12:18 - 2015-05-17 12:18 - 00073896 _____ () C:\Users\Sinnfamily\Desktop\[SURVEY PREVIEW MODE] Spring into Summer Feedback 2014 Survey Last years.htm
2015-05-14 18:10 - 2015-05-17 04:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-13 16:02 - 2015-05-13 16:02 - 00010896 _____ () C:\Users\Sinnfamily\Desktop\upcoming events.odt
2015-05-13 03:03 - 2015-05-01 08:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 03:03 - 2015-05-01 08:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 14:49 - 2015-05-04 20:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-12 14:49 - 2015-05-04 20:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-12 14:49 - 2015-04-21 21:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-12 14:49 - 2015-04-21 20:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-12 14:49 - 2015-04-21 12:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-12 14:49 - 2015-04-21 12:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-12 14:49 - 2015-04-21 12:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-12 14:49 - 2015-04-21 11:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-12 14:49 - 2015-04-21 11:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-12 14:49 - 2015-04-21 11:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-12 14:49 - 2015-04-21 11:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-12 14:49 - 2015-04-21 11:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-12 14:49 - 2015-04-21 11:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-12 14:49 - 2015-04-21 11:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-12 14:49 - 2015-04-21 11:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-12 14:49 - 2015-04-21 11:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-12 14:49 - 2015-04-21 11:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-12 14:49 - 2015-04-21 11:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-12 14:49 - 2015-04-21 11:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-12 14:49 - 2015-04-21 11:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-12 14:49 - 2015-04-21 11:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-12 14:49 - 2015-04-21 11:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-12 14:49 - 2015-04-21 11:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-12 14:49 - 2015-04-21 11:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-12 14:49 - 2015-04-21 11:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-12 14:49 - 2015-04-21 11:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-12 14:49 - 2015-04-21 11:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-12 14:49 - 2015-04-21 11:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-12 14:49 - 2015-04-21 11:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-12 14:49 - 2015-04-21 11:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-12 14:49 - 2015-04-21 11:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-12 14:49 - 2015-04-21 11:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-12 14:49 - 2015-04-21 11:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-12 14:49 - 2015-04-21 11:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-12 14:49 - 2015-04-21 11:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-12 14:49 - 2015-04-21 11:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-12 14:49 - 2015-04-21 11:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-12 14:49 - 2015-04-21 11:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-12 14:49 - 2015-04-21 10:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-12 14:49 - 2015-04-21 10:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-12 14:49 - 2015-04-21 10:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-12 14:49 - 2015-04-21 10:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-12 14:49 - 2015-04-21 10:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-12 14:49 - 2015-04-21 10:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-12 14:49 - 2015-04-21 10:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-12 14:49 - 2015-04-21 10:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-12 14:49 - 2015-04-21 10:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-12 14:49 - 2015-04-21 10:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-12 14:49 - 2015-04-21 10:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-12 14:49 - 2015-04-21 10:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-12 14:49 - 2015-04-21 10:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-12 14:49 - 2015-04-21 10:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-12 14:49 - 2015-04-21 10:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-12 14:49 - 2015-04-21 10:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-12 14:49 - 2015-04-21 10:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-12 14:49 - 2015-04-21 10:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-12 14:49 - 2015-04-21 10:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-12 14:49 - 2015-04-21 10:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-12 14:49 - 2015-04-21 10:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-12 14:49 - 2015-04-21 10:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-12 14:49 - 2015-04-21 09:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-12 14:49 - 2015-04-21 09:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-12 14:49 - 2015-04-17 22:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-12 14:49 - 2015-04-17 21:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-12 14:49 - 2015-04-12 22:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-12 14:48 - 2015-04-27 14:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-12 14:48 - 2015-04-27 14:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-12 14:48 - 2015-04-27 14:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-12 14:48 - 2015-04-27 14:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-12 14:48 - 2015-04-27 14:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-12 14:48 - 2015-04-27 14:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-12 14:48 - 2015-04-27 14:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-12 14:48 - 2015-04-27 14:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-12 14:48 - 2015-04-27 14:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-12 14:48 - 2015-04-27 14:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-12 14:48 - 2015-04-27 14:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-12 14:48 - 2015-04-27 14:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-12 14:48 - 2015-04-27 14:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-12 14:48 - 2015-04-27 14:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-12 14:48 - 2015-04-27 14:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-12 14:48 - 2015-04-27 14:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-12 14:48 - 2015-04-27 14:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-12 14:48 - 2015-04-27 14:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-12 14:48 - 2015-04-27 14:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-12 14:48 - 2015-04-27 14:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-12 14:48 - 2015-04-27 14:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-12 14:48 - 2015-04-27 14:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-12 14:48 - 2015-04-27 14:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-12 14:48 - 2015-04-27 14:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-12 14:48 - 2015-04-27 14:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-12 14:48 - 2015-04-27 14:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-12 14:48 - 2015-04-27 14:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-12 14:48 - 2015-04-27 14:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-12 14:48 - 2015-04-27 14:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-12 14:48 - 2015-04-27 14:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-12 14:48 - 2015-04-27 14:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-12 14:48 - 2015-04-27 14:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-12 14:48 - 2015-04-27 14:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-12 14:48 - 2015-04-27 14:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-12 14:48 - 2015-04-27 14:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-12 14:48 - 2015-04-27 14:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-12 14:48 - 2015-04-27 14:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-12 14:48 - 2015-04-27 14:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-12 14:48 - 2015-04-27 14:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-12 14:48 - 2015-04-27 14:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-12 14:48 - 2015-04-27 14:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-12 14:48 - 2015-04-27 14:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-12 14:48 - 2015-04-27 14:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-12 14:48 - 2015-04-27 12:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-12 14:48 - 2015-04-27 12:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-12 14:48 - 2015-04-27 12:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 12:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 12:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-12 14:48 - 2015-04-19 22:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-12 14:48 - 2015-04-19 22:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-12 14:48 - 2015-04-19 21:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-12 14:48 - 2015-04-19 21:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-12 14:48 - 2015-04-07 22:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-12 14:48 - 2015-04-07 22:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-12 14:48 - 2015-04-07 22:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-12 14:48 - 2015-03-03 23:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-12 14:48 - 2015-03-03 23:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-12 14:48 - 2015-03-03 23:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-12 14:48 - 2015-03-03 23:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-12 14:48 - 2015-03-03 23:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-12 14:48 - 2015-03-03 23:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-12 14:48 - 2015-03-03 23:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-12 14:48 - 2015-02-18 02:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-12 14:48 - 2015-02-18 02:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-12 14:48 - 2015-01-28 22:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-12 14:48 - 2015-01-28 22:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-11 22:02 - 2015-05-11 22:02 - 00000298 _____ () C:\Users\Sinnfamily\Desktop\parking.txt
2015-05-09 23:33 - 2015-05-09 23:33 - 00000488 _____ () C:\Users\Sinnfamily\Desktop\setup for Heather.txt
2015-05-07 19:04 - 2015-05-15 04:21 - 00020716 _____ () C:\Users\Sinnfamily\Desktop\planning.ods
2015-05-07 15:32 - 2015-05-07 15:32 - 00188416 _____ () C:\Users\Sinnfamily\Desktop\certificate-of-participation-1.pot
2015-04-27 10:01 - 2015-04-27 10:01 - 00000049 _____ () C:\Users\Sinnfamily\Desktop\link to JSA womans page.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-21 20:10 - 2014-12-31 22:06 - 00000348 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-05-21 20:00 - 2013-06-13 11:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-21 19:59 - 2011-02-15 13:35 - 00000928 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2643768202-156854014-2583388340-1001UA.job
2015-05-21 19:58 - 2009-12-20 10:43 - 00000000 ____D () C:\Users\Sinnfamily\AppData\Roaming\Adobe
2015-05-21 19:51 - 2011-09-21 15:49 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-21 16:38 - 2011-09-21 15:49 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-21 15:40 - 2009-11-26 12:46 - 01260091 _____ () C:\Windows\WindowsUpdate.log
2015-05-21 07:49 - 2013-03-20 10:23 - 00000412 _____ () C:\Windows\Tasks\FreeFileViewerUpdateChecker.job
2015-05-21 06:23 - 2011-11-11 21:22 - 00000114 _____ () C:\Users\Sinnfamily\jobq.dat
2015-05-21 06:22 - 2015-01-29 23:21 - 00000000 ____D () C:\Users\Sinnfamily\Desktop\2015 SIS
2015-05-21 06:18 - 2011-04-11 23:59 - 00000000 ____D () C:\Users\Sinnfamily\Desktop\Family tree
2015-05-21 06:17 - 2014-01-17 20:26 - 00000000 ____D () C:\Users\Sinnfamily\Desktop\SIS 2014
2015-05-21 06:17 - 2010-12-11 22:17 - 00000000 ____D () C:\Users\Sinnfamily\Desktop\BBR handouts & interview stuff
2015-05-21 05:15 - 2011-02-15 13:35 - 00000876 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2643768202-156854014-2583388340-1001Core.job
2015-05-20 19:48 - 2010-09-17 22:46 - 00000000 ____D () C:\Users\Sinnfamily\Desktop\New folder
2015-05-20 19:47 - 2009-07-13 23:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-20 19:47 - 2009-07-13 23:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-20 19:44 - 2009-07-14 00:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-20 19:38 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-20 16:41 - 2010-09-30 09:14 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-20 16:13 - 2011-04-09 20:27 - 00000000 ____D () C:\Windows\RegisteredPackages
2015-05-20 16:12 - 2014-02-16 13:40 - 00000000 ____D () C:\Program Files\Conduit
2015-05-20 16:12 - 2014-02-16 13:40 - 00000000 ____D () C:\Program Files (x86)\Conduit
2015-05-20 15:34 - 2012-01-01 11:18 - 00000000 ____D () C:\Windows\pss
2015-05-20 10:32 - 2014-12-13 20:32 - 00000352 _____ () C:\Windows\Tasks\HPCeeScheduleForSinnfamily.job
2015-05-20 09:45 - 2011-01-10 18:38 - 00000000 ____D () C:\Users\Sinnfamily\AppData\Roaming\Skype
2015-05-20 09:45 - 2009-12-21 17:00 - 00000000 ____D () C:\Users\Sinnfamily\AppData\Roaming\HpUpdate
2015-05-20 09:45 - 2009-08-21 14:36 - 00000000 ____D () C:\ProgramData\Temp
2015-05-20 09:45 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-05-20 09:40 - 2012-10-06 19:07 - 00000000 ____D () C:\ProgramData\AVG
2015-05-20 09:39 - 2011-11-04 00:29 - 00000000 ____D () C:\Users\Sinnfamily\AppData\Roaming\AVG
2015-05-20 09:39 - 2010-02-21 19:42 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-05-20 08:10 - 2014-12-13 20:32 - 00003216 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForSinnfamily
2015-05-20 07:56 - 2009-07-14 00:08 - 00032560 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-19 18:32 - 2012-04-08 14:23 - 00000000 ____D () C:\Users\Sinnfamily\Desktop\BBR2012
2015-05-19 18:10 - 2015-04-05 03:01 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-19 18:10 - 2015-04-05 03:01 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-18 15:30 - 2011-04-09 20:27 - 00000000 ____D () C:\Users\Sinnfamily\Documents\Family Tree Maker
2015-05-17 04:54 - 2011-02-15 13:35 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2643768202-156854014-2583388340-1001UA
2015-05-17 04:54 - 2011-02-15 13:35 - 00003512 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2643768202-156854014-2583388340-1001Core
2015-05-17 04:28 - 2014-02-14 21:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-16 19:27 - 2015-03-01 00:55 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-05-15 15:44 - 2011-09-21 15:49 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 15:44 - 2011-09-21 15:49 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-13 06:53 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2015-05-13 03:36 - 2009-07-13 23:45 - 00359008 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 03:35 - 2013-03-14 03:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-13 03:35 - 2013-03-14 03:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 03:32 - 2009-07-14 02:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 03:32 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-13 03:13 - 2013-08-01 03:05 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 03:08 - 2009-12-23 06:44 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 03:03 - 2013-03-14 03:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-11 08:30 - 2012-08-08 23:54 - 00000000 ____D () C:\Users\Sinnfamily\Desktop\Newletter
2015-05-04 09:08 - 2010-01-14 19:11 - 00000000 ____D () C:\Users\Sinnfamily\Desktop\Bills paid
2015-05-04 08:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-04 07:48 - 2010-04-20 06:30 - 00000000 ____D () C:\Users\Sinnfamily\Desktop\Scot's stuff
2015-05-04 07:46 - 2009-12-20 13:58 - 00029720 _____ () C:\Users\Sinnfamily\AppData\Roaming\wklnhst.dat
2015-04-30 16:38 - 2009-12-20 18:16 - 00000552 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
2015-04-30 07:06 - 2014-03-31 12:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-04-27 11:37 - 2013-10-22 08:27 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-27 11:37 - 2010-04-02 05:20 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-27 11:36 - 2014-10-20 16:51 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-21 16:29 - 2011-08-13 23:24 - 00000000 ____D () C:\Users\Sinnfamily\AppData\Roaming\Mozilla
2015-04-21 16:29 - 2011-02-15 13:35 - 00000000 ____D () C:\Users\Sinnfamily\AppData\Local\Google

==================== Files in the root of some directories =======

2014-11-28 06:27 - 2015-03-12 23:04 - 0000115 _____ () C:\Users\Sinnfamily\AppData\Roaming\LogFile.txt
2009-12-20 13:58 - 2015-05-04 07:46 - 0029720 _____ () C:\Users\Sinnfamily\AppData\Roaming\wklnhst.dat
2011-10-04 16:39 - 2014-03-11 08:40 - 0123098 _____ () C:\Users\Sinnfamily\AppData\Local\ars.cache
2011-10-04 16:39 - 2014-03-11 08:40 - 1687450 _____ () C:\Users\Sinnfamily\AppData\Local\census.cache
2010-01-21 22:06 - 2010-01-21 22:06 - 0000036 _____ () C:\Users\Sinnfamily\AppData\Local\housecall.guid.cache
2011-11-04 15:30 - 2012-03-02 15:37 - 0007616 _____ () C:\Users\Sinnfamily\AppData\Local\Resmon.ResmonCfg
2014-03-11 08:09 - 2014-03-11 08:09 - 0000010 _____ () C:\Users\Sinnfamily\AppData\Local\sponge.last.runtime.cache
2012-07-02 13:31 - 2012-07-02 13:31 - 2799039 _____ () C:\Users\Sinnfamily\AppData\Local\tmp008.JPG
2012-08-06 12:29 - 2012-08-06 12:30 - 2124933 _____ () C:\Users\Sinnfamily\AppData\Local\tmp1.JPG
2011-03-22 12:37 - 2011-03-22 12:37 - 0083509 _____ () C:\Users\Sinnfamily\AppData\Local\tmp162721_1808201247450_1312501035_2079019_43889_N[1].JPG
2011-08-23 20:28 - 2011-08-23 20:28 - 0014004 _____ () C:\Users\Sinnfamily\AppData\Local\tmp168319_1869646863991_1325676592_2419376_8148056_N.JPG
2012-04-18 11:45 - 2012-04-18 11:45 - 1242447 _____ () C:\Users\Sinnfamily\AppData\Local\tmp2012-04-17_21-38-59_182.0
2012-04-18 11:45 - 2012-04-18 11:45 - 0499522 _____ () C:\Users\Sinnfamily\AppData\Local\tmp2012-04-17_21-38-59_182.JPG
2012-10-23 11:40 - 2012-10-23 11:40 - 1284650 _____ () C:\Users\Sinnfamily\AppData\Local\tmp20120205PARADE AWARD0001.0
2012-10-23 11:40 - 2012-10-23 11:40 - 0833582 _____ () C:\Users\Sinnfamily\AppData\Local\tmp20120205PARADE AWARD0001.JPG
2011-05-08 17:02 - 2011-05-08 17:02 - 0012434 _____ () C:\Users\Sinnfamily\AppData\Local\tmp222240_158756360853195_100001564965041_380420_6001237_N.JPG
2011-06-18 23:29 - 2011-06-18 23:29 - 0276955 _____ () C:\Users\Sinnfamily\AppData\Local\tmp257237_117407341680488_100002336692814_156079_3039679_O.0
2011-06-18 23:29 - 2011-06-18 23:29 - 0247997 _____ () C:\Users\Sinnfamily\AppData\Local\tmp257237_117407341680488_100002336692814_156079_3039679_O.JPG
2012-10-28 12:49 - 2012-10-28 12:49 - 0040236 _____ () C:\Users\Sinnfamily\AppData\Local\tmp2B98A1C0D66B.JPG
2012-07-23 17:15 - 2012-07-23 17:15 - 0042681 _____ () C:\Users\Sinnfamily\AppData\Local\tmp530065_10151032695518389_1500591922_N.JPG
2011-10-04 09:19 - 2011-10-04 09:19 - 0105908 _____ () C:\Users\Sinnfamily\AppData\Local\tmp533706_DEFAULT.JPG
2011-03-22 12:30 - 2011-03-22 12:30 - 0044793 _____ () C:\Users\Sinnfamily\AppData\Local\tmp6776_1225016944450_1199798880_30669952_5465887_N[1].JPG
2012-03-04 15:59 - 2012-03-04 15:59 - 0007307 _____ () C:\Users\Sinnfamily\AppData\Local\tmp70760_100000487607807_1907060964_N.0
2012-03-04 15:59 - 2012-03-04 15:59 - 0007478 _____ () C:\Users\Sinnfamily\AppData\Local\tmp70760_100000487607807_1907060964_N.1
2012-03-04 15:59 - 2012-03-04 15:59 - 0007635 _____ () C:\Users\Sinnfamily\AppData\Local\tmp70760_100000487607807_1907060964_N.JPG
2012-08-08 12:22 - 2012-08-08 12:22 - 0145542 _____ () C:\Users\Sinnfamily\AppData\Local\tmpBO0222.JPG
2010-06-14 19:30 - 2010-06-14 19:30 - 3815225 _____ () C:\Users\Sinnfamily\AppData\Local\tmpCURIOSITY[1].0
2010-06-14 19:30 - 2010-06-14 19:30 - 0749501 _____ () C:\Users\Sinnfamily\AppData\Local\tmpCURIOSITY[1].JPG
2012-08-12 10:03 - 2012-08-12 10:03 - 0078042 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDFJJDAYS.0
2012-08-12 10:03 - 2012-08-12 10:03 - 0073577 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDFJJDAYS.JPG
2012-08-04 13:50 - 2012-08-04 13:50 - 3744944 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDOTTY 2.JPG
2012-04-29 15:45 - 2012-04-29 15:45 - 3795290 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0066.JPG
2012-04-29 15:46 - 2012-04-29 15:46 - 4073377 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0067.JPG
2012-04-29 15:48 - 2012-04-29 15:48 - 3826196 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0068.JPG
2012-04-29 16:15 - 2012-04-29 16:15 - 3979096 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0069.JPG
2012-04-29 16:16 - 2012-04-29 16:16 - 3860447 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0071.JPG
2012-06-07 20:05 - 2012-06-07 20:05 - 1324937 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0113.0
2012-06-07 20:05 - 2012-06-07 20:05 - 1134693 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0113.JPG
2012-06-07 20:06 - 2012-06-07 20:10 - 1169968 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0114.0
2012-06-07 20:10 - 2012-06-07 20:10 - 1165070 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0114.JPG
2012-06-07 20:07 - 2012-06-07 20:07 - 1132928 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0115.0
2012-06-07 20:07 - 2012-06-07 20:07 - 1466839 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0115.JPG
2012-06-07 20:03 - 2012-06-07 20:03 - 1344625 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0121.0
2012-06-07 20:03 - 2012-06-07 20:03 - 0922643 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0121.JPG
2012-06-07 20:02 - 2012-06-07 20:02 - 1354697 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0126.0
2012-06-07 20:02 - 2012-06-07 20:02 - 0861878 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0126.JPG
2012-06-07 23:55 - 2012-06-07 23:55 - 3874104 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0129.JPG
2012-06-07 23:56 - 2012-06-07 23:56 - 0293557 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0129_CROP.JPG
2012-07-30 23:17 - 2012-07-30 23:17 - 3818272 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0222.0
2012-07-30 23:17 - 2012-07-30 23:17 - 1247679 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0222.1
2012-07-30 23:17 - 2012-07-30 23:17 - 1317022 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0222.JPG
2012-07-30 23:18 - 2012-07-30 23:18 - 3680209 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0223.0
2012-07-30 23:18 - 2012-07-30 23:18 - 1890416 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0223.JPG
2012-07-30 23:20 - 2012-07-30 23:20 - 4060088 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0224.0
2012-07-30 23:20 - 2012-07-30 23:20 - 1670553 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0224.JPG
2012-07-30 23:21 - 2012-07-30 23:21 - 3876040 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0225.0
2012-07-30 23:21 - 2012-07-30 23:21 - 1243214 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0225.JPG
2012-07-30 23:15 - 2012-07-30 23:15 - 3911025 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0228.0
2012-07-30 23:15 - 2012-07-30 23:15 - 1859570 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0228.JPG
2012-07-30 23:13 - 2012-07-30 23:13 - 3925542 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0230.0
2012-07-30 23:13 - 2012-07-30 23:13 - 1701643 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0230.JPG
2012-07-30 23:14 - 2012-07-30 23:14 - 3777079 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0231.0
2012-07-30 23:14 - 2012-07-30 23:14 - 1903590 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0231.JPG
2012-12-16 13:17 - 2012-12-16 13:17 - 2699209 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0423.0
2012-12-16 13:17 - 2012-12-16 13:17 - 0981494 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0423.JPG
2012-12-16 13:16 - 2012-12-16 13:16 - 2344082 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0427.JPG
2013-06-15 18:54 - 2013-06-15 18:54 - 3845545 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0646.JPG
2013-06-15 18:55 - 2013-06-15 18:55 - 3825319 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0648.JPG
2013-06-15 18:55 - 2013-06-15 18:55 - 3655438 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0654.JPG
2013-06-15 18:52 - 2013-06-15 18:52 - 3813732 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0657.JPG
2013-06-15 18:53 - 2013-06-15 18:53 - 3520275 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0661.JPG
2013-06-15 18:50 - 2013-06-15 18:50 - 3700495 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0662.JPG
2013-06-23 09:23 - 2013-06-23 09:23 - 3881342 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0669.JPG
2013-06-23 09:12 - 2013-06-23 09:12 - 4069139 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0683.JPG
2013-06-23 09:01 - 2013-06-23 09:01 - 3776503 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0692.JPG
2013-06-23 09:09 - 2013-06-23 09:09 - 3918280 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0693.JPG
2013-06-23 09:11 - 2013-06-23 09:11 - 4029641 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0694.JPG
2013-06-23 09:08 - 2013-06-23 09:08 - 3801721 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0695.JPG
2013-06-23 09:03 - 2013-06-23 09:03 - 4034112 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0696.0
2013-06-23 09:03 - 2013-06-23 09:03 - 1620362 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0696.JPG
2013-06-23 09:15 - 2013-06-23 09:15 - 3963372 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0699.JPG
2013-06-23 09:16 - 2013-06-23 09:16 - 3879562 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0700.JPG
2013-07-08 07:39 - 2013-07-08 07:39 - 4196228 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0709.JPG
2013-07-21 19:46 - 2013-07-21 19:46 - 3824830 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0757.JPG
2013-07-21 19:59 - 2013-07-21 19:59 - 4239298 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0766.JPG
2013-07-21 19:55 - 2013-07-21 19:55 - 3935137 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0775.0
2013-07-21 19:55 - 2013-07-21 19:55 - 1589176 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0775.JPG
2013-07-21 19:58 - 2013-07-21 19:58 - 3579938 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0777.0
2013-07-21 19:58 - 2013-07-21 19:58 - 1970441 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0777.JPG
2013-07-21 19:48 - 2013-07-21 19:48 - 3807746 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0779.0
2013-07-21 19:48 - 2013-07-21 19:48 - 1027164 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0779.JPG
2013-08-08 22:59 - 2013-08-08 22:59 - 3565728 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0824.JPG
2012-10-21 13:52 - 2012-10-21 13:52 - 2325452 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0878.JPG
2010-01-16 21:18 - 2010-01-16 21:18 - 2048379 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1417.JPG
2010-07-10 09:40 - 2010-07-10 09:40 - 1265628 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1469.JPG
2010-05-31 07:57 - 2010-05-31 07:57 - 1277265 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1487.JPG
2010-05-31 07:42 - 2010-05-31 07:42 - 1272013 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1541.JPG
2010-06-06 09:18 - 2010-06-06 09:18 - 1263599 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1549.JPG
2010-06-06 09:20 - 2010-06-06 09:20 - 1301262 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1551.JPG
2010-06-06 09:22 - 2010-06-06 09:22 - 1306984 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1553.0
2010-06-06 09:22 - 2010-06-06 09:22 - 0547400 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1553.JPG
2010-06-06 09:23 - 2010-06-06 09:23 - 1309557 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1557.0
2010-06-06 09:23 - 2010-06-06 09:23 - 0473630 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1557.JPG
2010-06-06 09:25 - 2010-06-06 09:25 - 1267254 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1565.0
2010-06-06 09:25 - 2010-06-06 09:25 - 0594259 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1565.JPG
2010-06-06 09:27 - 2010-06-06 09:27 - 1339875 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1568.0
2010-06-06 09:27 - 2010-06-06 09:27 - 0520586 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1568.JPG
2010-06-06 09:29 - 2010-06-06 09:29 - 1280711 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1569.0
2010-06-06 09:29 - 2010-06-06 09:29 - 0518193 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1569.JPG
2010-06-06 09:30 - 2010-06-06 09:30 - 1274621 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1570.0
2010-06-06 09:30 - 2010-06-06 09:30 - 0599313 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1570.JPG
2010-06-06 09:32 - 2010-06-06 09:32 - 1304661 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1572.0
2010-06-06 09:32 - 2010-06-06 09:32 - 0564461 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1572.JPG
2010-06-06 09:33 - 2010-06-06 09:33 - 1300830 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1578.JPG
2010-08-22 20:39 - 2010-08-22 20:39 - 0121084 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1640.JPG
2010-08-22 20:44 - 2010-08-22 20:44 - 0117011 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1644.JPG
2010-08-22 20:41 - 2010-08-22 20:41 - 0117101 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1654.JPG
2010-08-30 11:06 - 2010-08-30 11:06 - 0122993 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1695.0
2010-08-30 11:06 - 2010-08-30 11:06 - 0060817 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1695.JPG
2010-09-06 18:15 - 2010-09-06 18:15 - 0124348 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1714.0
2010-09-06 18:15 - 2010-09-06 18:15 - 0108811 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1714.JPG
2010-09-06 18:22 - 2010-09-06 18:22 - 0118396 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1739.JPG
2010-09-06 18:20 - 2010-09-06 18:20 - 0118228 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1742.JPG
2010-09-06 18:21 - 2010-09-06 18:21 - 0114721 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1743.0
2010-09-06 18:21 - 2010-09-06 18:21 - 0041374 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1743.JPG
2010-09-06 18:19 - 2010-09-06 18:19 - 0118885 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1744.0
2010-09-06 18:19 - 2010-09-06 18:19 - 0045942 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1744.JPG
2010-09-07 12:21 - 2010-09-07 12:21 - 0120370 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1745.0
2010-09-07 12:21 - 2010-09-07 12:21 - 0052945 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1745.JPG
2010-09-07 12:24 - 2010-09-07 12:24 - 0114235 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1747.0
2010-09-07 12:24 - 2010-09-07 12:24 - 0040090 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1747.1
2010-09-07 12:24 - 2010-09-07 12:24 - 0041416 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1747.JPG
2010-10-03 18:18 - 2010-10-03 18:18 - 0119938 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1773.JPG
2010-12-19 18:29 - 2010-12-19 18:28 - 1293192 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1852.0
2010-12-19 18:29 - 2010-12-19 18:29 - 0614563 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1852.1
2010-12-19 18:29 - 2010-12-19 18:29 - 0614469 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1852.JPG
2010-12-19 18:27 - 2010-12-19 18:27 - 1280704 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1876.0
2010-12-19 18:27 - 2010-12-19 18:27 - 0580990 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1876.1
2010-12-19 18:27 - 2010-12-19 18:27 - 0580948 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1876.2
2010-12-19 18:27 - 2010-12-19 18:27 - 0580913 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1876.3
2010-12-19 18:27 - 2010-12-19 18:27 - 0580919 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1876.JPG
2010-12-24 22:15 - 2010-12-24 22:15 - 1305656 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1901.0
2010-12-24 22:15 - 2010-12-24 22:15 - 0567634 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1901.1
2010-12-24 22:16 - 2010-12-24 22:15 - 0567657 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1901.2
2010-12-24 22:16 - 2010-12-24 22:16 - 0567635 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1901.3
2010-12-24 22:16 - 2010-12-24 22:16 - 0567637 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1901.JPG
2010-12-24 22:14 - 2010-12-24 22:14 - 1277706 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1905.0
2010-12-24 22:14 - 2010-12-24 22:14 - 0599806 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1905.1
2010-12-24 22:14 - 2010-12-24 22:14 - 0599755 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1905.JPG
2011-01-07 00:56 - 2011-01-07 00:56 - 1284286 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1916.0
2011-01-07 00:56 - 2011-01-07 00:56 - 0611358 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1916.JPG
2011-02-05 01:04 - 2011-02-05 01:04 - 1306128 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1935.JPG
2011-02-05 01:06 - 2011-02-05 01:06 - 1310801 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1938.JPG
2011-02-05 01:07 - 2011-02-05 01:07 - 1283349 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1939.JPG
2011-02-05 01:09 - 2011-02-05 01:09 - 1268925 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1941.JPG
2011-02-05 01:10 - 2011-02-05 01:10 - 1267643 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1942.JPG
2011-02-05 01:11 - 2011-02-05 01:11 - 1284254 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1943.JPG
2011-02-05 01:13 - 2011-02-05 01:14 - 1301055 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1947.0
2011-02-05 01:14 - 2011-02-05 01:14 - 0466224 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1947.JPG
2011-02-05 01:15 - 2011-02-05 01:15 - 1293138 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1949.0
2011-02-05 01:15 - 2011-02-05 01:15 - 0472954 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1949.JPG
2011-02-05 01:16 - 2011-02-05 01:16 - 1259107 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1950.0
2011-02-05 01:17 - 2011-02-05 01:16 - 0437101 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1950.JPG
2011-02-05 01:17 - 2011-02-05 01:17 - 1282235 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1954.JPG
2011-02-05 01:19 - 2011-02-05 01:19 - 1308872 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1960.JPG
2011-02-13 17:34 - 2011-02-13 17:34 - 1271178 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1963.JPG
2011-02-13 17:35 - 2011-02-13 17:35 - 1276081 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1964.JPG
2011-02-13 17:36 - 2011-02-13 17:36 - 1279742 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1965.JPG
2011-02-13 17:42 - 2011-02-13 17:42 - 1292904 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1972.0
2011-02-13 17:42 - 2011-02-13 17:42 - 0595188 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1972.JPG
2011-02-15 22:00 - 2011-02-15 22:00 - 1294126 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1986.JPG
2011-02-24 22:24 - 2011-02-24 22:24 - 1307352 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1991.0
2011-02-24 22:24 - 2011-02-24 22:24 - 0549948 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1991.JPG
2011-03-06 17:46 - 2011-03-06 17:46 - 1318782 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1997.JPG
2011-03-06 17:43 - 2011-03-06 17:43 - 1332932 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2002.0
2011-03-06 17:43 - 2011-03-06 17:43 - 0510210 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2002.JPG
2011-03-06 17:44 - 2011-03-06 17:44 - 1316416 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2003.JPG
2011-03-07 09:34 - 2011-03-07 09:33 - 1274890 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2004.0
2011-03-07 09:34 - 2011-03-07 09:34 - 0789483 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2004.JPG
2011-03-07 21:53 - 2011-03-07 21:53 - 1274885 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2005.JPG
2011-03-07 21:52 - 2011-03-07 21:52 - 1267421 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2010.JPG
2011-03-07 21:56 - 2011-03-07 21:56 - 1273974 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2011.JPG
2011-03-07 21:57 - 2011-03-07 21:57 - 1277302 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2013.JPG
2011-03-07 21:54 - 2011-03-07 21:54 - 1293404 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2017.JPG
2011-04-16 20:51 - 2011-04-16 20:51 - 1315581 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2025.JPG
2011-04-16 20:51 - 2011-04-16 20:51 - 1292080 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2026.JPG
2011-04-16 20:49 - 2011-04-16 20:49 - 1314801 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2035.0
2011-04-16 20:49 - 2011-04-16 20:49 - 0599006 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2035.JPG
2011-04-25 15:20 - 2011-04-25 15:20 - 1307596 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2112.JPG
2011-04-30 22:38 - 2011-04-30 22:38 - 1298066 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2136.JPG
2011-04-30 22:39 - 2011-04-30 22:39 - 1322262 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2138.JPG
2011-04-30 22:40 - 2011-04-30 22:40 - 1309634 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2139.JPG
2011-04-30 22:41 - 2011-04-30 22:41 - 1322904 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2140.JPG
2011-06-12 13:52 - 2011-06-12 13:52 - 1262679 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2169.JPG
2011-06-12 13:55 - 2011-06-12 13:55 - 1279366 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2177.JPG
2011-06-12 13:49 - 2011-06-12 13:49 - 1261334 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2180.JPG
2011-06-12 13:50 - 2011-06-12 13:50 - 1293257 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2182.JPG
2011-06-17 22:31 - 2011-06-17 22:31 - 1321172 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2183.0
2011-06-17 22:31 - 2011-06-17 22:31 - 0509959 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2183.JPG
2011-06-19 22:04 - 2011-06-19 22:04 - 0116703 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2187.JPG
2011-06-19 22:05 - 2011-06-19 22:05 - 0116082 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2190.JPG
2011-06-19 22:01 - 2011-06-19 22:01 - 0117748 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2193.JPG
2011-06-19 22:03 - 2011-06-19 22:03 - 0117035 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2197.JPG
2011-06-19 22:06 - 2011-06-19 22:06 - 0118663 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2200.JPG
2011-07-18 13:17 - 2011-07-18 13:17 - 0123013 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2229.0
2011-07-18 13:17 - 2011-07-18 13:17 - 0068474 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2229.JPG
2011-08-29 17:35 - 2011-08-29 17:35 - 0120964 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2385.JPG
2011-09-11 20:25 - 2011-09-11 20:25 - 0122540 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2393.JPG
2011-09-11 20:24 - 2011-09-11 20:24 - 0125335 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2395.JPG
2011-09-11 20:26 - 2011-09-11 20:26 - 0123971 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2398.JPG
2011-09-11 20:29 - 2011-09-11 20:29 - 0119387 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2405.JPG
2011-09-11 20:32 - 2011-09-11 20:32 - 0118672 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2421.JPG
2011-09-18 17:40 - 2011-09-18 17:40 - 1304426 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2449.JPG
2011-09-18 17:43 - 2011-09-18 17:43 - 1288406 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2458.JPG
2011-09-18 17:44 - 2011-09-18 17:44 - 1312647 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2459.JPG
2011-10-10 13:12 - 2011-10-10 13:12 - 1273619 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2582.JPG
2011-10-04 10:50 - 2011-10-04 10:50 - 1300377 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2616.0
2011-10-04 10:50 - 2011-10-04 10:50 - 0466372 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2616.JPG
2011-10-04 10:44 - 2011-10-04 10:44 - 1256158 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2623.0
2011-10-04 10:44 - 2011-10-04 10:44 - 0675864 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2623.JPG
2011-10-04 10:46 - 2011-10-04 10:46 - 1271643 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2625.0
2011-10-04 10:46 - 2011-10-04 10:47 - 1271643 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2625.JPG
2011-10-04 10:43 - 2011-10-04 10:43 - 1297844 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2629.0
2011-10-04 10:43 - 2011-10-04 10:43 - 0418412 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2629.JPG
2011-10-04 10:41 - 2011-10-04 10:41 - 1315743 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2632.0
2011-10-04 10:41 - 2011-10-04 10:41 - 0397200 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2632.JPG
2011-10-04 10:40 - 2011-10-04 10:40 - 1276351 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2633.JPG
2011-10-04 10:27 - 2011-10-04 10:27 - 1295723 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2654.0
2011-10-04 10:27 - 2011-10-04 10:27 - 0733257 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2654.JPG
2011-10-04 10:30 - 2011-10-04 10:30 - 1290307 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2655.0
2011-10-04 10:30 - 2011-10-04 10:30 - 0377537 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2655.JPG
2011-10-04 10:33 - 2011-10-04 10:33 - 1311450 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2658.JPG
2011-10-29 11:52 - 2011-10-29 11:52 - 1274442 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2812.0
2011-10-29 11:52 - 2011-10-29 11:52 - 0623965 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2812.JPG
2011-10-31 20:11 - 2011-10-31 20:11 - 1326983 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2817.JPG
2011-10-31 20:12 - 2011-10-31 20:12 - 1275600 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2819.JPG
2011-12-01 12:04 - 2011-12-01 12:04 - 1307556 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2829.0
2011-12-01 12:04 - 2011-12-01 12:04 - 0534391 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2829.JPG
2011-12-07 14:08 - 2011-12-07 14:08 - 1342024 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2837.0
2011-12-07 14:08 - 2011-12-07 14:08 - 0568931 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2837.JPG
2011-12-06 10:04 - 2011-12-06 10:04 - 1297713 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2843.0
2011-12-06 10:04 - 2011-12-06 10:04 - 0603624 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2843.JPG
2011-12-06 10:06 - 2011-12-06 10:06 - 1279630 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2845.0
2011-12-06 10:06 - 2011-12-06 10:06 - 0592591 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2845.JPG
2011-12-12 01:27 - 2011-12-12 01:27 - 1285879 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2945.JPG
2011-12-21 21:58 - 2011-12-21 21:58 - 1267066 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2964.JPG
2011-12-24 23:13 - 2011-12-24 23:13 - 1274787 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2968.JPG
2012-01-05 16:19 - 2012-01-05 16:19 - 1278695 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2969.JPG
2011-04-13 10:47 - 2011-04-13 10:47 - 0119017 _____ () C:\Users\Sinnfamily\AppData\Local\tmpEPSON002.0
2011-04-13 10:47 - 2011-04-13 10:47 - 0141870 _____ () C:\Users\Sinnfamily\AppData\Local\tmpEPSON002.JPG
2011-04-14 18:15 - 2011-04-14 18:15 - 0208217 _____ () C:\Users\Sinnfamily\AppData\Local\tmpEPSON003[1].JPG
2011-03-11 18:43 - 2011-03-11 18:43 - 0947202 _____ () C:\Users\Sinnfamily\AppData\Local\tmpEXPO_004[1].JPG
2011-10-26 10:51 - 2011-10-26 10:51 - 0178994 _____ () C:\Users\Sinnfamily\AppData\Local\tmpGRAVE MARKER.0
2011-10-26 10:51 - 2011-10-26 10:51 - 0181324 _____ () C:\Users\Sinnfamily\AppData\Local\tmpGRAVE MARKER.1
2011-10-26 10:51 - 2011-10-26 10:51 - 0181741 _____ () C:\Users\Sinnfamily\AppData\Local\tmpGRAVE MARKER.JPG
2012-12-20 23:24 - 2012-12-20 23:24 - 0057715 _____ () C:\Users\Sinnfamily\AppData\Local\tmpHAPPYTAILS.JPG
2012-09-25 23:18 - 2012-09-25 23:18 - 2490355 _____ () C:\Users\Sinnfamily\AppData\Local\tmpHARVEY.JPG
2012-09-25 23:16 - 2012-09-25 23:16 - 0021924 _____ () C:\Users\Sinnfamily\AppData\Local\tmpHARVEYJ-2.0
2012-09-25 23:16 - 2012-09-25 23:16 - 0016735 _____ () C:\Users\Sinnfamily\AppData\Local\tmpHARVEYJ-2.JPG
2013-07-22 22:56 - 2013-07-22 22:56 - 0757371 _____ () C:\Users\Sinnfamily\AppData\Local\tmpHIBBING CABIN MAP030.0
2013-07-22 22:56 - 2013-07-22 22:56 - 1097356 _____ () C:\Users\Sinnfamily\AppData\Local\tmpHIBBING CABIN MAP030.1
2013-07-22 22:56 - 2013-07-22 22:56 - 1118480 _____ () C:\Users\Sinnfamily\AppData\Local\tmpHIBBING CABIN MAP030.JPG
2011-09-20 11:04 - 2011-09-20 11:04 - 0013259 _____ () C:\Users\Sinnfamily\AppData\Local\tmpHOWLOWEEN2006.JPG
2011-06-03 12:10 - 2011-06-03 12:10 - 5016602 _____ () C:\Users\Sinnfamily\AppData\Local\tmpIMG_8563.0
2011-06-03 12:10 - 2011-06-03 12:10 - 1152240 _____ () C:\Users\Sinnfamily\AppData\Local\tmpIMG_8563.JPG
2011-06-03 12:11 - 2011-06-03 12:11 - 4223711 _____ () C:\Users\Sinnfamily\AppData\Local\tmpIMG_8589.0
2011-06-03 12:11 - 2011-06-03 12:11 - 0861439 _____ () C:\Users\Sinnfamily\AppData\Local\tmpIMG_8589.JPG
2011-06-03 12:19 - 2011-06-03 12:19 - 4716362 _____ () C:\Users\Sinnfamily\AppData\Local\tmpIMG_9086.0
2011-06-03 12:19 - 2011-06-03 12:19 - 1043970 _____ () C:\Users\Sinnfamily\AppData\Local\tmpIMG_9086.JPG
2011-01-01 19:05 - 2011-01-01 19:05 - 1166454 _____ () C:\Users\Sinnfamily\AppData\Local\tmpJESSICA,JESSE, JD5.JPG
2011-01-01 19:06 - 2011-01-01 19:06 - 0012015 _____ () C:\Users\Sinnfamily\AppData\Local\tmpJESSICA,JESSE, JD5_CROP.0
2011-01-01 19:06 - 2011-01-01 19:06 - 0012013 _____ () C:\Users\Sinnfamily\AppData\Local\tmpJESSICA,JESSE, JD5_CROP.JPG
2012-12-22 22:46 - 2012-12-22 22:46 - 1395219 _____ () C:\Users\Sinnfamily\AppData\Local\tmpJOHNBUSH2.JPG
2010-06-14 19:28 - 2010-06-14 19:28 - 3366613 _____ () C:\Users\Sinnfamily\AppData\Local\tmpLOOKING+AT+YOU[1].0
2010-06-14 19:28 - 2010-06-14 19:28 - 0697527 _____ () C:\Users\Sinnfamily\AppData\Local\tmpLOOKING+AT+YOU[1].JPG
2010-02-03 20:14 - 2011-08-23 09:25 - 0011382 _____ () C:\Users\Sinnfamily\AppData\Local\tmpME AND TEUFEL.JPG
2010-05-29 22:01 - 2010-05-29 22:01 - 2076087 _____ () C:\Users\Sinnfamily\AppData\Local\tmpOUR_GIRL_MORGAN_MAY_2010[1].0
2010-05-29 22:01 - 2010-05-29 22:01 - 0992653 _____ () C:\Users\Sinnfamily\AppData\Local\tmpOUR_GIRL_MORGAN_MAY_2010[1].1
2010-05-29 22:01 - 2010-05-29 22:01 - 0982699 _____ () C:\Users\Sinnfamily\AppData\Local\tmpOUR_GIRL_MORGAN_MAY_2010[1].2
2010-05-29 22:01 - 2010-05-29 22:01 - 1018182 _____ () C:\Users\Sinnfamily\AppData\Local\tmpOUR_GIRL_MORGAN_MAY_2010[1].JPG
2012-08-08 12:24 - 2012-08-08 12:24 - 0222265 _____ () C:\Users\Sinnfamily\AppData\Local\tmpRICKSBASSETS07162012.JPG
2010-12-07 10:25 - 2010-12-07 10:25 - 2792446 _____ () C:\Users\Sinnfamily\AppData\Local\tmpSAM_0041[1].JPG
2010-12-07 10:27 - 2010-12-07 10:27 - 2724806 _____ () C:\Users\Sinnfamily\AppData\Local\tmpSAM_0042[1].JPG
2010-12-07 10:28 - 2010-12-07 10:28 - 2779611 _____ () C:\Users\Sinnfamily\AppData\Local\tmpSAM_0043[1].JPG
2013-02-21 23:45 - 2013-02-21 23:45 - 0305120 _____ () C:\Users\Sinnfamily\AppData\Local\tmpSIS FLYER.JPG
2011-09-20 09:12 - 2011-09-20 09:12 - 0078677 _____ () C:\Users\Sinnfamily\AppData\Local\tmpSIS.JPG
2012-12-02 12:34 - 2012-12-02 12:34 - 1372344 _____ () C:\Users\Sinnfamily\AppData\Local\tmpTEUFEL 7.0
2012-12-02 12:34 - 2012-12-02 12:34 - 0690494 _____ () C:\Users\Sinnfamily\AppData\Local\tmpTEUFEL 7.JPG
2011-08-01 18:25 - 2011-08-01 18:25 - 0089772 _____ () C:\Users\Sinnfamily\AppData\Local\tmpTEUFEL AT BASSETFEST.JPG
2010-09-13 23:27 - 2010-09-13 23:27 - 0121804 _____ () C:\Users\Sinnfamily\AppData\Local\tmpTEUFEL3[1].JPG
2011-03-17 13:03 - 2011-03-17 13:03 - 0076429 _____ () C:\Users\Sinnfamily\AppData\Local\tmpTUEFFLES.0
2011-03-17 13:03 - 2011-03-17 13:03 - 0042211 _____ () C:\Users\Sinnfamily\AppData\Local\tmpTUEFFLES.1
2011-03-17 13:03 - 2011-03-17 13:03 - 0044867 _____ () C:\Users\Sinnfamily\AppData\Local\tmpTUEFFLES.JPG
2013-08-09 10:57 - 2013-08-09 10:57 - 0331186 _____ () C:\Users\Sinnfamily\AppData\Local\tmpTYKE.JPG
2012-12-22 22:50 - 2012-12-22 22:50 - 2270875 _____ () C:\Users\Sinnfamily\AppData\Local\tmpUNITED NATIONS COMMAND SUPPORT GROUP.JPG
2011-09-20 09:12 - 2011-09-20 09:12 - 0115122 _____ () C:\Users\Sinnfamily\AppData\Local\tmpWELCOME FROM STONE MOUNTAIN.JPG
2010-02-13 21:07 - 2010-02-13 21:07 - 0022618 _____ () C:\Users\Sinnfamily\AppData\Local\tmpWHITE_BUTTERFLY_SNIFFER[1].JPG
2013-08-10 19:10 - 2013-08-10 19:10 - 0000000 _____ () C:\ProgramData\3b203d3a29333421252a593f31_c
2014-10-19 18:23 - 2014-10-19 18:23 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-01-10 18:40 - 2011-01-10 18:40 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Files to move or delete:
====================
C:\Users\Sinnfamily\jobq.dat


Some files in TEMP:
====================
C:\Users\Sinnfamily\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Sinnfamily\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Sinnfamily\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Sinnfamily\AppData\Local\Temp\SDShelEx-x64.dll


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\conhost.exe
C:\Windows\SysWOW64\csrss.exe
C:\Windows\SysWOW64\dwm.exe
C:\Windows\SysWOW64\lsass.exe
C:\Windows\SysWOW64\lsm.exe
C:\Windows\SysWOW64\nvvsvc.exe
C:\Windows\SysWOW64\services.exe
C:\Windows\SysWOW64\smss.exe
C:\Windows\SysWOW64\spoolsv.exe
C:\Windows\SysWOW64\taskhost.exe
C:\Windows\SysWOW64\winlogon.exe
C:\Windows\SysWOW64\WUDFHost.exe
C:\Windows\System32\nvd3dum.dll
C:\Windows\System32\nvwgf2um.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-20 22:12

==================== End of log ============================
2nd Log

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2015
Ran by Sinnfamily at 2015-05-21 20:37:31
Running from C:\Users\Sinnfamily\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2643768202-156854014-2583388340-500 - Administrator - Disabled)
Guest (S-1-5-21-2643768202-156854014-2583388340-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2643768202-156854014-2583388340-1002 - Limited - Enabled)
Sinnfamily (S-1-5-21-2643768202-156854014-2583388340-1001 - Administrator - Enabled) => C:\Users\Sinnfamily

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: AVG Internet Security 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.3.0.0 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 2.3.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX Free Download Packages (HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\Adobe Flash Player ActiveX Free Download Packages) (Version: - ) <==== ATTENTION
Adobe Flash Player ActiveX Free Download Packages (HKU\S-1-5-21-2643768202-156854014-2583388340-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Adobe Flash Player ActiveX Free Download Packages) (Version: - ) <==== ATTENTION
Adobe Reader Free Download Packages (HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\Adobe Reader Free Download Packages) (Version: - ) <==== ATTENTION
Adobe Reader Free Download Packages (HKU\S-1-5-21-2643768202-156854014-2583388340-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Adobe Reader Free Download Packages) (Version: - ) <==== ATTENTION
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
AVG 2015 (Version: 15.0.5941 - AVG Technologies) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.4) (Version: 5.0.0.4 - Coupons.com Incorporated)
Coupon Savings (HKLM-x32\...\Coupon Savings) (Version: 1.0 - Savings Apps) <==== ATTENTION
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Download Updater (AOL LLC) (HKLM-x32\...\SoftwareUpdUtility) (Version: - ) <==== ATTENTION
Family Tree Maker 2011 (HKLM-x32\...\Family Tree Maker 2011) (Version: 20.0.379 - Ancestry.com)
Family Tree Maker 2011 (x32 Version: 20.0.379 - Ancestry.com) Hidden
FamilySearch Indexing 3.10.5 (HKLM-x32\...\0591-8077-9297-0833) (Version: 3.10.5 - FamilySearch)
FamilySearch Linking 1.1.0 (HKLM-x32\...\0591-8077-9297-0833-1) (Version: 1.1.0 - FamilySearch)
Firefox Free Download Packages (HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\Firefox Free Download Packages) (Version: - ) <==== ATTENTION
Firefox Free Download Packages (HKU\S-1-5-21-2643768202-156854014-2583388340-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox Free Download Packages) (Version: - ) <==== ATTENTION
Free File Viewer 2014 (HKLM-x32\...\FreeFileViewer_is1) (Version: 2014.2.16.0 - Bitberry Software) <==== ATTENTION
FUJIFILM MyFinePix Studio 2.0 (HKLM-x32\...\FinePix Genie_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5434.08 - PC-Doctor, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Homepage Protection (HKLM-x32\...\Homepage Protection) (Version: - AOL Products)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.12286.3436 - Hewlett-Packard)
HP ENVY 4500 series Basic Device Software (HKLM\...\{38A08516-1847-43E4-8076-9540B60EC43B}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP ENVY 4500 series Help (HKLM-x32\...\{95BECC50-22B4-4FCA-8A2E-BF77713E6D3A}) (Version: 30.0.0 - Hewlett Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3420 - Hewlett-Packard)
HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3601 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{26280024-DFB7-4967-90DB-7F9C6660D01E}) (Version: 3.0.28.2 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.16432 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.9.0 - TopSeed)
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1901 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.1901 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{DD6C316A-FE75-4FBB-9D22-4C1920232B72}) (Version: 1.18.5.1 - LightScribe)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version: - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7128 - MyHeritage.com)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM-x32\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3101 - CyberLink Corp.) Hidden
PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden
Product Improvement Study for HP ENVY 4500 series (HKLM\...\{3A5F6684-5FD8-4660-A4DA-BF60A20FCCFC}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RAF (HKLM-x32\...\{E6B43401-E818-4961-AFED-118DD8E87642}) (Version: 1.00.0001 - FUJIFILM Corporation)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5882 - Realtek Semiconductor Corp.)
Skype Toolbars (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.3.7555 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Uniblue RegistryBooster (HKLM-x32\...\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1) (Version: - Uniblue Systems Ltd)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

30-04-2015 07:04:50 Installed AVG 2015
08-05-2015 03:39:32 Scheduled Checkpoint
13-05-2015 03:00:38 Windows Update
19-05-2015 18:09:50 Windows Update
20-05-2015 09:37:59 Installed AVG PC TuneUp 2015
20-05-2015 16:44:33 AVG 2015

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00DE05F7-C4C2-4461-B40C-0CA9AEAFB3D7} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-10-20] (CyberLink Corp.)
Task: {048B52EB-3E7E-4737-81C5-ACC489A6E904} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {0D301EBB-5114-4655-8904-9DE15036F3C8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {17B83FB2-BD08-4668-BBA5-1E0D76ADCB97} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {2B1C0F13-4C81-4717-B976-9DE922CB21F4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {36D38275-813C-4788-B1AB-3779C3F2F598} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {5B105DDE-C5D1-42E9-A71A-B1D20E9FCB26} - System32\Tasks\FreeFileViewerUpdateChecker => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe [2013-03-25] (Bitberry Software) <==== ATTENTION
Task: {6267E7E9-9D6A-41CA-A45C-EC8E2D68322B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2643768202-156854014-2583388340-1001Core => C:\Users\Sinnfamily\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {6ACE0257-90C2-433B-9293-A8913B336AFB} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2643768202-156854014-2583388340-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {6E4E334F-75C0-46E8-81FE-2243052EC701} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-07-02] (PC-Doctor, Inc.)
Task: {726F081B-293C-4B46-8725-F09B51D31EC8} - \ProgramRefresh-ATFST No Task File <==== ATTENTION
Task: {72B810CC-FF0E-4D5E-A275-971FD7D12A79} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {7B4207E6-F2CF-45C3-BE5B-742E3CAC74BD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {8D9E64D7-9597-4BFE-BFFB-66505B2C918F} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2014-12-31] ()
Task: {917BB944-4725-4B52-A174-A2ABC541FCF6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {922ECA91-B0D0-4F5E-9E67-09CAA18910A8} - System32\Tasks\{95EEF560-9095-4226-A149-6BC6A070B950} => C:\Program Files (x86)\iWin Games\iWinGames.exe
Task: {92F47BF9-5F86-45CD-8F3F-64C84078CC81} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {98B4F376-E5F1-4AB0-91B1-0ABE576B94B1} - System32\Tasks\Google Update => C:\Users\Sinnfamily\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {9C41A200-A3BC-4255-A88B-9B094C22A07A} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20] (Adobe Systems Incorporated)
Task: {9EB87832-63D6-47B0-AA08-D15DEE543D72} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2643768202-156854014-2583388340-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {A44BA7CF-38BA-4AD1-B970-82B6530D3FC7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN47T1507X => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {B3D5A209-57D7-42F6-B758-196D312C9C98} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => Rundll32.exe url.dll,OpenURL http://go.microsoft.com/fwlink/?LinkId=116866
Task: {C0096E98-F13A-47F0-8A91-66B0763601AF} - System32\Tasks\HPCeeScheduleForSinnfamily => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {C8FF2829-6472-46F5-9C86-D0D000FA13BC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {D273146D-2A8C-4339-9A6C-9BBB18BDE05C} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\iWin Games\iWinGames.exe
Task: {D5082955-084C-42C7-A1B3-92418DAF3313} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {DB23E848-922E-43C5-B7F1-B5FA7DADE589} - \ProgramUpdateCheck No Task File <==== ATTENTION
Task: {DCA7AA00-2695-42E5-8448-76A39D4A6B9E} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-12-01] (CyberLink)
Task: {E853C7A8-D1A1-4AF6-A451-747EB0D00AC1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2643768202-156854014-2583388340-1001UA => C:\Users\Sinnfamily\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {EBD141B3-63E0-4A72-8E9C-DF3AB841FB16} - System32\Tasks\{47742B60-D7A2-424D-8371-21724FCD2E7C} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: {EDBB4BBF-2315-401E-BD70-20E9ACAB5586} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10] (Oracle Corporation)
Task: {F8D7255A-057C-4D5B-B371-5DEDDE35203D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {FA4F0B45-642B-4CEA-BAD2-2808F9D8A5D9} - System32\Tasks\HP online update program => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {FD855F12-7FA9-431D-8FD0-621F646AB67E} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {FDB407C0-6848-489E-9081-B52D1DB72EC6} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2643768202-156854014-2583388340-1001Core.job => C:\Users\Sinnfamily\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2643768202-156854014-2583388340-1001UA.job => C:\Users\Sinnfamily\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\HPCeeScheduleForSinnfamily.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe5-fh scripts\monthly.xml
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe

==================== Loaded Modules (Whitelisted) ==============

2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2015-05-20 18:26 - 2015-05-20 18:26 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-20 18:26 - 2015-05-20 18:26 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-20 18:26 - 2015-05-20 18:26 - 02929664 _____ () C:\Program Files\AVAST Software\Avast\defs\15052001\algo.dll
2015-05-21 15:26 - 2015-05-21 15:26 - 02931200 _____ () C:\Program Files\AVAST Software\Avast\defs\15052101\algo.dll
2015-05-20 18:26 - 2015-05-20 18:26 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-05-14 20:55 - 2015-05-04 23:06 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libglesv2.dll
2015-05-14 20:55 - 2015-05-04 23:06 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libegl.dll
2014-03-11 08:18 - 2014-03-11 08:18 - 00000000 _____ () C:\Windows\system32\nvd3dum.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:4A74A9A7
AlternateDataStreams: C:\ProgramData\Temp:6611AB82
AlternateDataStreams: C:\ProgramData\Temp:972E051C

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\skillsoft.com -> hxxp://support.skillsoft.com
IE trusted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\usaa.com -> hxxps://www.usaa.com

IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\123simsen.com -> www.123simsen.com

There are 7369 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2643768202-156854014-2583388340-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sinnfamily\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2643768202-156854014-2583388340-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Sinnfamily\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 173.225.144.10 - 173.225.144.70

==================== MSCONFIG/TASK MANAGER Error getting ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PictureMover.lnk => C:\Windows\pss\PictureMover.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Sinnfamily^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP ENVY 4500 series.lnk => C:\Windows\pss\Monitor Ink Alerts - HP ENVY 4500 series.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Sinnfamily^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ChristmasHolidayLaughs Search Scope Monitor => "C:\PROGRA~2\CHRIST~2\bar\1.bin\4msrchmn.exe" /m=2 /w /h
MSCONFIG\startupreg: Family Tree Builder Update => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Sinnfamily\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Remote Solution => %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
MSCONFIG\startupreg: HPADVISOR => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: IntelliPoint => "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: UpdatePRCShortCut => "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{862AFB70-51E0-4527-A271-8089B56E8C4F}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{C18F71C2-F36F-4625-AB27-90EEB8D1E479}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{385AA1C8-3FA9-4B3B-BD9E-7367B718C947}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{AF8F13B3-F77D-4B1A-A975-B0E42F3F829E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{92E9E16B-95EC-46F4-B8B4-D8B4C5855C30}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{FC56BC42-4EC5-45EA-AC62-97E5A14B0D6F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{05E9270A-E3F2-4A90-9AF9-0531E88870E4}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{AC5E908D-A55B-4F73-B15C-CFB0F6EBD26D}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{FA0AE581-0A66-43A8-8CB7-EE5700994EE7}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{2CC2996A-B44E-4A2D-AE0C-D3C753CC0F22}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{ED0C4EDA-F45E-4296-93BB-4D28D09994E2}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{2E4E8EDE-C9CE-4343-8260-A16DE0E95A03}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{764617C5-1D03-4EEB-BB6D-7672F4F38A7B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{994A22F0-68B9-4379-B5E1-15A52E7F438D}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{6B53A456-3420-4983-B732-CAD108778133}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{43230E3A-F961-4F8F-8602-AB42EFBEDA78}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
FirewallRules: [TCP Query User{2AEFA044-16C5-4238-B681-8418467C5584}C:\program files (x86)\hp\common\hpdevicedetection3.exe] => (Allow) C:\program files (x86)\hp\common\hpdevicedetection3.exe
FirewallRules: [UDP Query User{091005CC-A496-4F92-9DA6-417FD38247FB}C:\program files (x86)\hp\common\hpdevicedetection3.exe] => (Allow) C:\program files (x86)\hp\common\hpdevicedetection3.exe
FirewallRules: [{8B135CC0-C6E0-4069-B143-AD1F8F02841E}] => (Allow) C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe
FirewallRules: [{A4B859C2-5460-4CB6-928D-57A5938BE20C}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe
FirewallRules: [{1DF73D99-F679-4C80-93F8-B2A2ED120C2E}] => (Allow) LPort=5357
FirewallRules: [{C6EFD0B0-9F11-4CDB-8D30-004DB350980F}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{127708EF-BEB7-418B-B25C-B54170BF40A1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C9FF2BD2-15F0-499F-9022-0D9509EBF9D3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{D3397118-8472-4381-AC23-FF7ED3BD3CF1}] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{82CEA311-9153-4A12-ADE0-5A2ED5A52AA3}] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{21183FC2-B84E-4444-8F8D-D71894E4F72E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8C049D7F-3109-4691-935E-FDD25D6565CA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{21BFE7F7-E7BC-4CB6-89E4-12D8FBB42846}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{55C6E141-EDA0-408D-8D7C-8C9686C535DB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{D023B66A-0EC2-406D-8FB7-32166B367688}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{B38C3E4D-7DA4-45F6-AA03-5F270DF6F79E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{C37D1B0D-989A-4AB2-9D1D-B0F80D5A75B1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{D8FF93A6-3DE4-40BC-947B-44A6A7A1CEE0}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{31143E86-0CAB-45BF-8A62-B10592C8D831}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{FA2DB4C0-236C-410E-8DB5-B7A4F3C1F6FA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{1092DECB-A338-4EF5-AA52-99BFA5566C05}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7133564D-8800-4463-9B55-7C6DF7E54531}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe

==================== Faulty Device Manager Devices =============

Name: qknfd
Description: qknfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: qknfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/21/2015 08:37:41 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/21/2015 08:36:41 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/21/2015 08:35:41 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/21/2015 08:34:41 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/21/2015 08:33:41 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/21/2015 08:32:41 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/21/2015 08:31:41 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/21/2015 08:30:41 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/21/2015 08:29:41 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/21/2015 08:28:41 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered


System errors:
=============
Error: (05/21/2015 04:38:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (05/21/2015 07:49:17 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (05/20/2015 07:38:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
qknfd

Error: (05/20/2015 07:38:37 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753637.

Error: (05/20/2015 07:38:30 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:35:36 PM on ‎5/‎20/‎2015 was unexpected.

Error: (05/20/2015 07:34:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

Error: (05/20/2015 07:32:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

Error: (05/20/2015 07:30:50 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {06622D85-6856-4460-8DE1-A81921B41C4B}

Error: (05/20/2015 07:30:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

Error: (05/20/2015 07:28:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.


Microsoft Office:
=========================
Error: (05/21/2015 08:37:41 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/21/2015 08:36:41 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/21/2015 08:35:41 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/21/2015 08:34:41 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/21/2015 08:33:41 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/21/2015 08:32:41 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/21/2015 08:31:41 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/21/2015 08:30:41 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/21/2015 08:29:41 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/21/2015 08:28:41 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered


==================== Memory info ===========================

Processor: AMD Athlon(tm) II X4 620 Processor
Percentage of memory in use: 32%
Total physical RAM: 7935.23 MB
Available physical RAM: 5334.78 MB
Total Pagefile: 15868.68 MB
Available Pagefile: 12115.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:584.07 GB) (Free:510.25 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:12 GB) (Free:2.18 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Pictures) (CDROM) (Total:0.69 GB) (Free:0.08 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=584.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=12 GB) - (Type=07 NTFS)

==================== End of log ============================

 

[argus]

Hello,

Uninstall some programs

We need to uninstall some unwanted/unneeded programs.

• Press the
  
  + R on your keyboard at the same time. Type appwiz.cpl and click OK.
• Search there for each entry mentioned below, right-click the entry and click Uninstall one at a time

The list of programs to uninstall:

• 
  Adobe Flash Player ActiveX Free Download Packages
  Adobe Reader Free Download Packages
  Coupon Savings
  Download Updater (AOL LLC)
  Firefox Free Download Packages
  Free File Viewer 2014
  

After completing uninstalls, please manually reboot your machine!

Note: If you get the message like: An error occurred while trying to uninstall, just press Yes.





Always have one (and no more than one!) AntiVirus program! In this case having more of them will not provide you with better protection - instead they may cause slowness, lock-ups and even mark another ones as harmful, leading to leave your system unstable and even damaged. Please choose only one from the listed below to stay with and uninstall the others:

• Avast
• AVG

Uninstallation procedure:

• Press the
  
  + R on your keyboard at the same time. Type appwiz.cpl and click OK.
• Search for each uninstalled entry, right-click it and select Uninstall.

This should be done until any other steps will be taken.

Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

• Right-click on
  
  icon and select
  
  Run as Administrator to start the tool.
  (XP users click run after receipt of Windows Security Warning - Open File).
• Make sure that Addition option is checked.
• Press Scan button and wait.
• The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content into your next reply.

 

[LovesHounds]

Hi I deleted the files. Nothing happened when I hit the windows key+R. But I was able to manually remove them from the uninstall programs area on my computer. I manually rebooted and ran the Scan. I can not get the file to upload.

Scan result of Farbar Recovery Scan

Tool (FRST) (x64) Version: 21-05-

2015
Ran by Sinnfamily (administrator) on

SINNFAMILY-PC on 22-05-2015

16:12:31
Running from C:\Users\Sinnfamily

\Downloads
Loaded Profiles: Sinnfamily (Available

profiles: Sinnfamily)
Platform: Windows 7 Home Premium

Service Pack 1 (X64) OS Language:

English (United States)
Internet Explorer Version 11 (Default

browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan

Tool:

http://www.geekstogo.com/forum/top

ic/335081-frst-tutorial-how-to-use-

farbar-recovery-scan-tool/

====================

Processes (Whitelisted)

=================

(If an entry is included in the fixlist,

the process will be closed. The file will

not be moved.)

(NVIDIA Corporation) C:\Windows

\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program

Files\AVAST Software\Avast

\AvastSvc.exe
(NVIDIA Corporation) C:\Windows

\System32\nvvsvc.exe
(LSI Corporation) C:\Program Files

\LSI SoftModem\agr64svc.exe
(Hewlett-Packard Company) C:

\Program Files (x86)\Common Files

\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:

\Program Files (x86)\Malwarebytes

Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:

\Program Files (x86)\Malwarebytes

Anti-Malware\mbamservice.exe
() C:\Program Files

(x86)\RealNetworks\RealDownloader

\rndlresolversvc.exe
(Yahoo! Inc.) C:\Program Files

(x86)\Yahoo!\SoftwareUpdate

\YahooAUService.exe
(Safer Networking Ltd.) C:\Program

Files (x86)\Spybot - Search & Destroy

\SDWinSec.exe
(Malwarebytes Corporation) C:

\Program Files (x86)\Malwarebytes

Anti-Malware\mbam.exe
(Avast Software s.r.o.) C:\Program

Files\AVAST Software\Avast

\avastui.exe
(Hewlett-Packard Company) C:

\Program Files (x86)\Hewlett-Packard

\HP Support Framework

\HPSA_Service.exe


====================

Registry (Whitelisted)

==================

(If an entry is included in the fixlist,

the registry item will be restored to

default or removed. The file will not

be moved.)

HKLM-x32\...\Run: [AVG_UI] => C:

\Program Files (x86)\AVG

\AVG2015\avgui.exe [3745232 2015-

04-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] =>

C:\Program Files\AVAST Software

\Avast\AvastUI.exe [5515496 2015-

05-20] (Avast Software s.r.o.)
HKU\S-1-5-21-2643768202-

156854014-2583388340-1001\...

\Policies\system: [LogonHoursAction]

2
HKU\S-1-5-21-2643768202-

156854014-2583388340-1001\...

\Policies\system:

[DontDisplayLogonHoursWarnings] 1
ShellIconOverlayIdentifiers: [00avast]

-> {472083B0-C522-11CF-8763-

00608CC02F24} => C:\Program Files

\AVAST Software\Avast\ashShA64.dll

[2015-05-20] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32:

[SharingPrivate] -> {08244EE6-92F0

-47f2-9FC9-929BAA2E7235} => No

File

====================

Internet (Whitelisted)

====================

(If an item is included in the fixlist, if

it is a registry item it will be removed

or restored to default.)

SearchScopes: HKLM -> {0633EE93-

D776-472f-A0FF-E1416B8B2E3A} URL

=
SearchScopes: HKLM -> {1235B3BB-

2B63-4F90-BA16-37F536739926} URL

= http://www.bing.com/search?q=

{searchTerms}

&FORM=HPDTDF&pc=HPDTDF&src=I

E-SearchBox
SearchScopes: HKLM -> {BFE680F5-

69D4-4A76-A974-C15503F8F00B} URL

= http://www.ask.com/web?q=

{searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 ->

{0633EE93-D776-472f-A0FF-

E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 ->

{1235B3BB-2B63-4F90-BA16-

37F536739926} URL =

http://www.bing.com/search?q=

{searchTerms}

&FORM=HPDTDF&pc=HPDTDF&src=I

E-SearchBox
SearchScopes: HKLM-x32 ->

{BFE680F5-69D4-4A76-A974-

C15503F8F00B} URL =

http://www.ask.com/web?q=

{searchterms}&l=dis&o=ushpd
BHO: AVG Safe Search -> {3CA2F312

-6F6E-4B53-A66E-4E65E497C8C0} ->

No File
BHO: avast! Online Security ->

{8E5E2654-AD2D-48bf-AC2D-

D17F00898D06} -> C:\Program Files

\AVAST Software\Avast

\aswWebRepIE64.dll [2015-05-20]

(Avast Software s.r.o.)
BHO: HP Network Check Helper ->

{E76FD755-C1BA-4DCB-9F13-

99BD91223ADE} -> C:\Program Files

(x86)\Hewlett-Packard\HP Support

Framework\Resources

\HPNetworkCheck

\HPNetworkCheckPluginx64.dll [2013

-08-28] (Hewlett-Packard)
BHO-x32: RealPlayer Download and

Record Plugin for Internet Explorer ->

{3049C3E9-B461-4BC5-8870-

4C09146192CA} -> C:\ProgramData

\RealNetworks\RealDownloader

\BrowserPlugins\IE

\rndlbrowserrecordplugin.dll [2013-

08-14] (RealDownloader)
BHO-x32: AVG Safe Search ->

{3CA2F312-6F6E-4B53-A66E-

4E65E497C8C0} -> No File
BHO-x32: Spybot-S&D IE Protection

-> {53707962-6F74-2D53-2644-

206D7942484F} -> C:\Program Files

(x86)\Spybot - Search & Destroy

\SDHelper.dll [2009-01-26] (Safer

Networking Limited)
BHO-x32: Java(tm) Plug-In SSV

Helper -> {761497BB-D6F0-462C-

B6EB-D4DAF1D92D43} -> C:\Program

Files (x86)\Java\jre1.8.0_45\bin

\ssv.dll [2015-04-27] (Oracle

Corporation)
BHO-x32: avast! Online Security ->

{8E5E2654-AD2D-48bf-AC2D-

D17F00898D06} -> C:\Program Files

\AVAST Software\Avast

\aswWebRepIE.dll [2015-05-20]

(Avast Software s.r.o.)
BHO-x32: hpBHO Class ->

{ABD3B5E1-B268-407B-A150-

2641DAB8D898} -> C:\Program Files

(x86)\Common Files\Homepage

Protection\HomepageProtection.dll

[2009-06-08] (AOL Products)
BHO-x32: Skype Browser Helper ->

{AE805869-2E5C-4ED4-8F7B-

F1F7851A4497} -> C:\Program Files

(x86)\Skype\Toolbars\Internet

Explorer\skypeieplugin.dll [2011-05-

16] (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV

Helper -> {DBC80044-A445-435b-

BC74-9C25C1C588A9} -> C:\Program

Files (x86)\Java\jre1.8.0_45\bin

\jp2ssv.dll [2015-04-27] (Oracle

Corporation)
BHO-x32: HP Network Check Helper

-> {E76FD755-C1BA-4DCB-9F13-

99BD91223ADE} -> C:\Program Files

(x86)\Hewlett-Packard\HP Support

Framework\Resources

\HPNetworkCheck

\HPNetworkCheckPlugin.dll [2013-08

-28] (Hewlett-Packard)
Toolbar: HKLM-x32 - No Name -

{1E61ED7C-7CB8-49d6-B9E9-

AB4C880C8414} - No File
Toolbar: HKLM-x32 - No Name -

{CCC7A320-B3CA-4199-B1A6-

9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-2643768202-

156854014-2583388340-1001 -> No

Name - {CCC7A320-B3CA-4199-B1A6

-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-2643768202-

156854014-2583388340-1001 -> No

Name - {E7DF6BFF-55A5-4EB7-A673

-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-2643768202-

156854014-2583388340-1001 -> No

Name - {2318C2B1-4965-11D4-9B18-

009027A5CD4F} - No File
DPF: HKLM-x32 {02BCC737-B171-

4746-94C9-0D8A0B2C0089}

http://office.microsoft.com/_layouts/C

lientBin/ieawsdc32.cab
DPF: HKLM-x32 {02BF25D5-8C17-

4B23-BC80-D3488ABDDC6B}

http://appldnld.apple.com.edgesuite.

net/content.info.apple.com/QuickTime

/qtactivex/qtplugin.cab
DPF: HKLM-x32 {166B1BCA-3F9C-

11CF-8075-444553540000}

http://download.macromedia.com/pu

b/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {3107C2A8-9F0B-

4404-A58B-21BD85268FBC}

http://www.pogo.com/cdl/launcher/Po

goWebLauncherInstaller.CAB
DPF: HKLM-x32 {3D3B42C2-11BF-

4732-A304-A01384B70D68}

http://picasaweb.google.com/s/v/61.1

8/uploader2.cab
DPF: HKLM-x32 {49E67060-2C0D-

415E-94C7-52A49F73B2F1}

http://zone.msn.com/bingame/pppp/d

efault/PiratePoppers.1.0.0.39.cab
DPF: HKLM-x32 {6218F7B5-0D3A-

48BA-AE4C-49DCFA63D400}

http://www.myheritage.com/Genoogl

e/Components/ActiveX/SearchEngine

Query.dll
DPF: HKLM-x32 {73ECB3AA-4717-

450C-A2AB-D00DAD9EE203}

http://h20614.www2.hp.com/ediags/g

md/Install/Cab/hpdetect119b.cab
DPF: HKLM-x32 {7E980B9B-8AE5-

466A-B6D6-DA8CF814E78A}

http://zone.msn.com/bingame/chnz/d

efault/mjolauncher.cab
DPF: HKLM-x32 {8100D56A-5661-

482C-BEE8-AFECE305D968}

http://upload.facebook.com/controls/

2009.07.28_v5.5.8.1/FacebookPhotoU

ploader55.cab
DPF: HKLM-x32 {9AA73F41-EC64-

489E-9A73-9CD52E528BC4}

http://zone.msn.com/binGame/ZAxRc

Mgr.cab
DPF: HKLM-x32 {DF780F87-FF2B-

4DF8-92D0-73DB16A1543A}

http://zone.msn.com/BINGAME/POPC

APLOADER_V10.CAB
DPF: HKLM-x32 {E06E2E99-0AA1-

11D4-ABA6-0060082AA75C}

https://petsmartcharities.webex.com/

client/T27LD/webex/ieatgpc1.cab
DPF: HKLM-x32 {E2883E8F-472F-

4FB0-9522-AC9BF37916A7}

http://platformdl.adobe.com/NOS/get

PlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-

63F8-47D5-A4D1-FBDDE494F8D1} -

No File
Handler: ms-itss - {0A9007C0-4076-

11D3-8789-0000F8105754} - No File
Handler-x32: skype-ie-addon-data -

{91774881-D725-4E58-B298-

07617B9B86A8} - C:\Program Files

(x86)\Skype\Toolbars\Internet

Explorer\skypeieplugin.dll [2011-05-

16] (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer]

173.225.144.10 173.225.144.70

FireFox:
========
FF ProfilePath: C:\Users\Sinnfamily

\AppData\Roaming\Mozilla\Firefox

\Profiles\4iuichbd.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage:

https://www.facebook.com/?ref=logo
FF Plugin: @adobe.com/FlashPlayer

-> C:\Windows\system32\Macromed

\Flash\NPSWF64_17_0_0_169.dll

[2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE

-> disabled No File
FF Plugin:

@Microsoft.com/NpCtrl,version=1.0

-> c:\Program Files\Microsoft

Silverlight\5.1.40416.0\npctrl.dll

[2015-04-16] ( Microsoft Corporation)
FF Plugin-x32:

@adobe.com/FlashPlayer -> C:

\Windows\SysWOW64\Macromed

\Flash\NPSWF32_17_0_0_169.dll

[2015-04-15] ()
FF Plugin-x32:

@adobe.com/ShockwavePlayer -> C:

\Windows\SysWOW64\Adobe

\Director\np32dsw_1202122.dll [2013

-04-03] (Adobe Systems, Inc.)
FF Plugin-x32:

@java.com/DTPlugin,version=11.45.2

-> C:\Program Files (x86)\Java

\jre1.8.0_45\bin\dtplugin

\npDeployJava1.dll [2015-04-27]

(Oracle Corporation)
FF Plugin-x32:

@java.com/JavaPlugin,version=11.45.

2 -> C:\Program Files (x86)\Java

\jre1.8.0_45\bin\plugin2\npjp2.dll

[2015-04-27] (Oracle Corporation)
FF Plugin-x32:

@microsoft.com/GENUINE -> disabled

No File
FF Plugin-x32:

@Microsoft.com/NpCtrl,version=1.0

-> c:\Program Files (x86)\Microsoft

Silverlight\5.1.40416.0\npctrl.dll

[2015-04-15] ( Microsoft Corporation)
FF Plugin-x32:

@real.com/nprndlchromebrowserrecor

dext;version=1.3.3 -> C:

\ProgramData\RealNetworks

\RealDownloader\BrowserPlugins

\MozillaPlugins

\nprndlchromebrowserrecordext.dll

[2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32:

@real.com/nprndlhtml5videoshim;ver

sion=1.3.3 -> C:\ProgramData

\RealNetworks\RealDownloader

\BrowserPlugins\MozillaPlugins

\nprndlhtml5videoshim.dll [2013-08-

14] (RealNetworks, Inc.)
FF Plugin-x32:

@real.com/nprndlpepperflashvideoshi

m;version=1.3.3 -> C:\ProgramData

\RealNetworks\RealDownloader

\BrowserPlugins\MozillaPlugins

\nprndlpepperflashvideoshim.dll

[2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32:

@realnetworks.com/npdlplugin;versio

n=1 -> C:\ProgramData

\RealNetworks\RealDownloader

\BrowserPlugins\npdlplugin.dll [2013

-08-14] (RealDownloader)
FF Plugin-x32:

@rocketlife.com/RocketLife Secure

Plug-In Layer;version=1.0.5 -> C:

\ProgramData\Visan\plugins

\npRLSecurePluginLayer.dll [2014-11

-05] (RocketLife, LLP)
FF Plugin-x32:

@tools.google.com/Google

Update;version=3 -> C:\Program

Files (x86)\Google\Update

\1.3.27.5\npGoogleUpdate3.dll [2015

-05-15] (Google Inc.)
FF Plugin-x32:

@tools.google.com/Google

Update;version=9 -> C:\Program

Files (x86)\Google\Update

\1.3.27.5\npGoogleUpdate3.dll [2015

-05-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:

\Program Files (x86)\Adobe\Reader

11.0\Reader\AIR\nppdf32.dll [2014-

12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2643768202

-156854014-2583388340-1001:

@lightspark.github.com/Lightspark;ve

rsion=1 -> C:\Program Files

(x86)\Lightspark 0.5.3-git

\nplightsparkplugin.dll No File
FF Plugin HKU\S-1-5-21-2643768202

-156854014-2583388340-1001:

@talk.google.com/GoogleTalkPlugin

-> C:\Users\Sinnfamily\AppData

\Roaming\Mozilla\plugins

\npgoogletalk.dll [2015-04-17]

(Google)
FF Plugin HKU\S-1-5-21-2643768202

-156854014-2583388340-1001:

@talk.google.com/O1DPlugin -> C:

\Users\Sinnfamily\AppData\Roaming

\Mozilla\plugins\npo1d.dll [2015-04-

17] (Google)
FF Plugin HKU\S-1-5-21-2643768202

-156854014-2583388340-1001:

@tools.google.com/Google

Update;version=3 -> C:\Users

\Sinnfamily\AppData\Local\Google

\Update

\1.3.27.5\npGoogleUpdate3.dll [2015

-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2643768202

-156854014-2583388340-1001:

@tools.google.com/Google

Update;version=9 -> C:\Users

\Sinnfamily\AppData\Local\Google

\Update

\1.3.27.5\npGoogleUpdate3.dll [2015

-05-17] (Google Inc.)
FF user.js: detected! => C:\Users

\Sinnfamily\AppData\Roaming

\Mozilla\Firefox\Profiles

\4iuichbd.default\user.js [2013-08-22]
FF Plugin ProgramFiles/Appdata: C:

\Program Files (x86)\mozilla firefox

\browser\plugins

\npMozCouponPrinter.dll [2013-08-02]

(Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:

\Users\Sinnfamily\AppData\Roaming

\mozilla\plugins\npgoogletalk.dll

[2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:

\Users\Sinnfamily\AppData\Roaming

\mozilla\plugins\npo1d.dll [2015-04-

17] (Google)
FF HKLM-x32\...\Firefox\Extensions:

[{7BA52691-1876-45ce-9EE6-

54BCB3B04BBC}] - C:\ProgramData

\Norton\{0C55C096-0F1D-4F28-AAA2

-85EF591126E7}\Norton\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions:

[{DF153AFF-6948-45d7-AC98-

4FC4AF8A08E2}] - C:\ProgramData

\RealNetworks\RealDownloader

\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:

\ProgramData\RealNetworks

\RealDownloader\BrowserPlugins

\Firefox\Ext [2013-08-22]
FF HKLM-x32\...\Firefox\Extensions:

[{ABDE892B-13A8-4d1b-88E6-

365A6E755758}] - C:\ProgramData

\RealNetworks\RealDownloader

\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions:

[wrc@avast.com] - C:\Program Files

\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security -

C:\Program Files\AVAST Software

\Avast\WebRep\FF [2015-05-20]

Chrome:
=======
CHR Profile: C:\Users\Sinnfamily

\AppData\Local\Google\Chrome\User

Data\Default
CHR Extension: (YouTube) - C:\Users

\Sinnfamily\AppData\Local\Google

\Chrome\User Data\Default

\Extensions

\blpcfgokakmgnkcojhhkbfbldkacnbeo

[2013-08-04]
CHR Extension: (No Name) - C:\Users

\Sinnfamily\AppData\Local\Google

\Chrome\User Data\Default

\Extensions

\cbgbcgglihpocekaopnclahmonoolicp

[2013-08-22]
CHR Extension: (Google Search) - C:

\Users\Sinnfamily\AppData\Local

\Google\Chrome\User Data\Default

\Extensions

\coobgpohoikkiipiblmjeljniedjpjpf

[2013-08-04]
CHR Extension: (Bookmark Manager)

- C:\Users\Sinnfamily\AppData\Local

\Google\Chrome\User Data\Default

\Extensions

\gmlllbghnfkpflemihljekbapjopfjik

[2015-05-20]
CHR Extension: (Avast Online

Security) - C:\Users\Sinnfamily

\AppData\Local\Google\Chrome\User

Data\Default\Extensions

\gomekmidlodglbbmalcneegieacbdmki

[2015-05-20]
CHR Extension: (RealDownloader) -

C:\Users\Sinnfamily\AppData\Local

\Google\Chrome\User Data\Default

\Extensions

\idhngdhcfkoamngbedgpaokgjbnpdiji

[2013-08-22]
CHR Extension: (Chrome Hotword

Shared Module) - C:\Users

\Sinnfamily\AppData\Local\Google

\Chrome\User Data\Default

\Extensions

\lccekmodgklaepjeofjdjpbminllajkg

[2015-03-19]
CHR Extension: (Hangouts) - C:

\Users\Sinnfamily\AppData\Local

\Google\Chrome\User Data\Default

\Extensions

\nckgahadagoaajjgafhacjanaoiihapd

[2014-08-08]
CHR Extension: (Google Wallet) - C:

\Users\Sinnfamily\AppData\Local

\Google\Chrome\User Data\Default

\Extensions

\nmmhkkegccagdldgiimedpiccmgmied

a [2013-08-21]
CHR Extension: (Gmail) - C:\Users

\Sinnfamily\AppData\Local\Google

\Chrome\User Data\Default

\Extensions

\pjkljhegncpnkpknbcohdijeoejaedia

[2013-08-04]
CHR HKLM-x32\...\Chrome\Extension:

[gomekmidlodglbbmalcneegieacbdmki

] - C:\Program Files\AVAST Software

\Avast\WebRep\Chrome

\aswWebRepChrome.crx [2015-05-20]
CHR HKLM-x32\...\Chrome\Extension:

[idhngdhcfkoamngbedgpaokgjbnpdiji]

- C:\ProgramData\RealNetworks

\RealDownloader\BrowserPlugins

\Chrome\Ext\realdownloader.crx

[2013-08-14]

====================

Services (Whitelisted)

=================

(If an entry is included in the fixlist, it

will be removed from the registry. The

file will not be moved unless listed

separately.)

R2 avast! Antivirus; C:\Program Files

\AVAST Software\Avast\AvastSvc.exe

[343336 2015-05-20] (Avast Software

s.r.o.)
S2 avgfws; C:\Program Files

(x86)\AVG\AVG2015\avgfws.exe

[1517480 2015-04-15] (AVG

Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files

(x86)\AVG\AVG2015\avgidsagent.exe

[3438032 2015-04-15] (AVG

Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files

(x86)\AVG\AVG2015\avgwdsvc.exe

[311792 2015-04-15] (AVG

Technologies CZ, s.r.o.)
R2 DiagTrack; C:\Windows

\system32\diagtrack.dll [1254400

2015-04-27] (Microsoft Corporation)
R2 EFS; C:\Windows

\SysWOW64\lsass.exe [0 2013-08-10]

() <==== ATTENTION (zero size

file/folder)
R2 HP Support Assistant Service; C:

\Program Files (x86)\Hewlett-Packard

\HP Support Framework

\hpsa_service.exe [92160 2013-11-04]

(Hewlett-Packard Company) [File not

signed]
S3 KeyIso; C:\Windows

\SysWOW64\lsass.exe [0 2013-08-10]

() <==== ATTENTION (zero size

file/folder)
R2 LightScribeService; c:\Program

Files (x86)\Common Files\LightScribe

\LSSrvc.exe [73728 2009-05-18]

(Hewlett-Packard Company) [File not

signed]
R2 MBAMScheduler; C:\Program Files

(x86)\Malwarebytes Anti-Malware

\mbamscheduler.exe [1871160 2015-

04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files

(x86)\Malwarebytes Anti-Malware

\mbamservice.exe [1080120 2015-04

-14] (Malwarebytes Corporation)
S3 Netlogon; C:\Windows

\SysWOW64\lsass.exe [0 2013-08-10]

() <==== ATTENTION (zero size

file/folder)
R2 nvsvc; C:\Windows

\SysWOW64\nvvsvc.exe [0 2013-08-

10] () <==== ATTENTION (zero size

file/folder)
S3 ProtectedStorage; C:\Windows

\SysWOW64\lsass.exe [0 2013-08-10]

() <==== ATTENTION (zero size

file/folder)
R2 RealNetworks Downloader

Resolver Service; C:\Program Files

(x86)\RealNetworks\RealDownloader

\rndlresolversvc.exe [39056 2013-08-

14] ()
R2 SamSs; C:\Windows

\SysWOW64\lsass.exe [0 2013-08-10]

() <==== ATTENTION (zero size

file/folder)
R2 SBSDWSCService; C:\Program

Files (x86)\Spybot - Search & Destroy

\SDWinSec.exe [1153368 2009-01-26]

(Safer Networking Ltd.)
R2 Spooler; C:\Windows

\SysWOW64\spoolsv.exe [0 2013-08-

10] () <==== ATTENTION (zero size

file/folder)
S3 VaultSvc; C:\Windows

\SysWOW64\lsass.exe [0 2013-08-10]

() <==== ATTENTION (zero size

file/folder)
S3 WinDefend; C:\Program Files

\Windows Defender\mpsvc.dll

[1011712 2013-05-27] (Microsoft

Corporation)

====================

Drivers (Whitelisted)

====================

(If an entry is included in the fixlist, it

will be removed from the registry. The

file will not be moved unless listed

separately.)

R2 aswHwid; C:\Windows

\system32\drivers\aswHwid.sys

[29168 2015-05-20] ()
R2 aswMonFlt; C:\Windows

\system32\drivers\aswMonFlt.sys

[89944 2015-05-20] (Avast Software

s.r.o.)
R1 aswRdr; C:\Windows

\system32\drivers\aswRdr2.sys [93528

2015-05-20] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows

\System32\Drivers\aswRvrt.sys [65736

2015-05-20] ()
R1 aswSnx; C:\Windows

\system32\drivers\aswSnx.sys

[1047320 2015-05-20] (Avast

Software s.r.o.)
R1 aswSP; C:\Windows

\system32\drivers\aswSP.sys [442264

2015-05-20] (Avast Software s.r.o.)
R2 aswStm; C:\Windows

\system32\drivers\aswStm.sys

[137288 2015-05-20] (Avast Software

s.r.o.)
R0 aswVmm; C:\Windows

\System32\Drivers\aswVmm.sys

[272248 2015-05-20] ()
R1 Avgdiska; C:\Windows

\System32\DRIVERS\avgdiska.sys

[162784 2015-03-11] (AVG

Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows

\System32\DRIVERS\avgfwd6a.sys

[67040 2015-03-20] (AVG

Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows

\System32\DRIVERS\avgidsdrivera.sys

[284128 2015-04-09] (AVG

Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows

\System32\DRIVERS\avgidsha.sys

[213984 2015-03-11] (AVG

Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows

\System32\DRIVERS\avgldx64.sys

[256992 2015-04-15] (AVG

Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows

\System32\DRIVERS\avgloga.sys

[344544 2015-03-11] (AVG

Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows

\System32\DRIVERS\avgmfx64.sys

[137184 2015-04-03] (AVG

Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows

\System32\DRIVERS\avgrkx64.sys

[40928 2015-03-20] (AVG

Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows

\System32\DRIVERS\avgtdia.sys

[291296 2015-04-07] (AVG

Technologies CZ, s.r.o.)
R3 MBAMProtector; C:\Windows

\system32\drivers\mbam.sys [25816

2015-04-14] (Malwarebytes

Corporation)
R3 MBAMSwissArmy; C:\Windows

\system32\drivers

\MBAMSwissArmy.sys [136408 2015-

05-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:

\Windows\system32\drivers\mwac.sys

[63704 2015-04-14] (Malwarebytes

Corporation)
S3 SWDUMon; C:\Windows

\System32\DRIVERS\SWDUMon.sys

[16152 2014-06-22] ()
S1 qknfd; system32\drivers\qknfd.sys

[X]

====================

NetSvcs (Whitelisted)

===================

(If an entry is included in the fixlist, it

will be removed from the registry. The

file will not be moved unless listed

separately.)


==================== One

Month Created files and folders

========

(If an entry is included in the fixlist,

the file/folder will be moved.)

2015-05-21 21:21 - 2015-05-21 21:21

- 00098851 _____ () C:\Users

\Sinnfamily\Desktop\FRST.txt
2015-05-21 21:21 - 2015-05-21 21:21

- 00042993 _____ () C:\Users

\Sinnfamily\Desktop\Addition.txt
2015-05-21 20:37 - 2015-05-21 20:38

- 00042993 _____ () C:\Users

\Sinnfamily\Downloads\Addition.txt
2015-05-21 20:36 - 2015-05-22 16:12

- 00020220 _____ () C:\Users

\Sinnfamily\Downloads\FRST.txt
2015-05-21 20:35 - 2015-05-22 16:12

- 00000000 ____D () C:\FRST
2015-05-21 20:34 - 2015-05-21 20:34

- 02108416 _____ (Farbar) C:\Users

\Sinnfamily\Downloads\FRST64.exe
2015-05-21 20:21 - 2015-05-21 20:22

- 00465432 _____ () C:\Users

\Sinnfamily\Downloads

\ESETPoweliksCleaner.exe_20150521.

202107.4028.log
2015-05-21 20:21 - 2015-05-21 20:21

- 00000022 _____ () C:\Users

\Sinnfamily\Downloads

\ESETPoweliksCleaner.exe_20150521.

202107.4028.zip
2015-05-21 20:19 - 2015-05-21 20:19

- 00221384 _____ (ESET) C:\Users

\Sinnfamily\Downloads

\ESETPoweliksCleaner.exe
2015-05-20 19:51 - 2015-05-20 19:52

- 00001484 _____ () C:\Windows

\IE11_main.log
2015-05-20 19:51 - 2015-05-20 19:51

- 55915216 _____ (Microsoft

Corporation) C:\Users\Sinnfamily

\Downloads\IE11-Windows6.1-x64-

en-us.exe
2015-05-20 18:27 - 2015-05-20 18:27

- 00000000 ____D () C:\Users

\Sinnfamily\AppData\Roaming\AVAST

Software
2015-05-20 18:26 - 2015-05-20 18:26

- 01047320 _____ (Avast Software

s.r.o.) C:\Windows\system32\Drivers

\aswSnx.sys
2015-05-20 18:26 - 2015-05-20 18:26

- 00442264 _____ (Avast Software

s.r.o.) C:\Windows\system32\Drivers

\aswSP.sys
2015-05-20 18:26 - 2015-05-20 18:26

- 00364472 _____ (Avast Software

s.r.o.) C:\Windows

\system32\aswBoot.exe
2015-05-20 18:26 - 2015-05-20 18:26

- 00272248 _____ () C:\Windows

\system32\Drivers\aswVmm.sys
2015-05-20 18:26 - 2015-05-20 18:26

- 00137288 _____ (Avast Software

s.r.o.) C:\Windows\system32\Drivers

\aswStm.sys
2015-05-20 18:26 - 2015-05-20 18:26

- 00093528 _____ (Avast Software

s.r.o.) C:\Windows\system32\Drivers

\aswRdr2.sys
2015-05-20 18:26 - 2015-05-20 18:26

- 00089944 _____ (Avast Software

s.r.o.) C:\Windows\system32\Drivers

\aswMonFlt.sys
2015-05-20 18:26 - 2015-05-20 18:26

- 00065736 _____ () C:\Windows

\system32\Drivers\aswRvrt.sys
2015-05-20 18:26 - 2015-05-20 18:26

- 00043112 _____ (Avast Software

s.r.o.) C:\Windows\avastSS.scr
2015-05-20 18:26 - 2015-05-20 18:26

- 00029168 _____ () C:\Windows

\system32\Drivers\aswHwid.sys
2015-05-20 18:26 - 2015-05-20 18:26

- 00000000 ____D () C:\ProgramData

\Microsoft\Windows\Start Menu

\Programs\AVAST Software
2015-05-20 18:25 - 2015-05-20 18:25

- 00000000 ____D () C:\Program

Files\AVAST Software
2015-05-20 18:24 - 2015-05-20 18:24

- 05481336 _____ (Avast Software

s.r.o.) C:\Users\Sinnfamily

\Downloads

\avast_free_antivirus_setup_online_cn

et.exe
2015-05-20 18:24 - 2015-05-20 18:24

- 00000000 ____D () C:\ProgramData

\AVAST Software
2015-05-20 16:54 - 2015-05-20 16:54

- 00347816 _____ (Microsoft

Corporation) C:\Users\Sinnfamily

\Downloads

\MicrosoftFixit.ProgramInstallUninstall

.RNP.135558928799315.1.4.Run.exe
2015-05-20 16:43 - 2015-05-20 16:43

- 00347816 _____ (Microsoft

Corporation) C:\Users\Sinnfamily

\Downloads

\MicrosoftFixit.ProgramInstallUninstall

.RNP.Run (2).exe
2015-05-20 16:38 - 2015-05-20 16:38

- 00347816 _____ (Microsoft

Corporation) C:\Users\Sinnfamily

\Downloads

\MicrosoftFixit.ProgramInstallUninstall

.RNP.Run (1).exe
2015-05-20 16:34 - 2015-05-20 16:34

- 00039148 _____ () C:\Users

\Sinnfamily\Downloads

\ResultReport.html
2015-05-20 16:33 - 2015-05-20 16:44

- 00000000 ____D () C:\MATS
2015-05-20 16:32 - 2015-05-20 16:32

- 00347816 _____ (Microsoft

Corporation) C:\Users\Sinnfamily

\Downloads

\MicrosoftFixit.ProgramInstallUninstall

.RNP.Run.exe
2015-05-20 15:52 - 2015-05-22 16:10

- 00136408 _____ (Malwarebytes

Corporation) C:\Windows

\system32\Drivers

\MBAMSwissArmy.sys
2015-05-20 15:51 - 2015-05-20 16:23

- 00000000 ____D () C:\Program Files

(x86)\Malwarebytes Anti-Malware
2015-05-20 15:51 - 2015-05-20 15:51

- 00000000 ____D () C:\ProgramData

\Microsoft\Windows\Start Menu

\Programs\Malwarebytes Anti-

Malware
2015-05-20 15:51 - 2015-05-20 15:51

- 00000000 ____D () C:\ProgramData

\Malwarebytes
2015-05-20 15:51 - 2015-04-14 09:37

- 00107736 _____ (Malwarebytes

Corporation) C:\Windows

\system32\Drivers

\mbamchameleon.sys
2015-05-20 15:51 - 2015-04-14 09:37

- 00063704 _____ (Malwarebytes

Corporation) C:\Windows

\system32\Drivers\mwac.sys
2015-05-20 15:51 - 2015-04-14 09:37

- 00025816 _____ (Malwarebytes

Corporation) C:\Windows

\system32\Drivers\mbam.sys
2015-05-20 15:50 - 2015-05-20 15:50

- 21546080 _____ (Malwarebytes

Corporation ) C:\Users\Sinnfamily

\Downloads\mbam-setup-

2.1.6.1022.exe
2015-05-20 10:40 - 2015-05-20 10:40

- 00073896 _____ () C:\Users

\Sinnfamily\Downloads\[SURVEY

PREVIEW MODE] Spring into Summer

Feedback 2014 Survey Last years.htm
2015-05-20 10:32 - 2015-05-22 16:09

- 00000616 _____ () C:\Windows

\setupact.log
2015-05-20 10:32 - 2015-05-22 15:55

- 00079622 _____ () C:\Windows

\PFRO.log
2015-05-20 10:32 - 2015-05-20 10:32

- 00000000 _____ () C:\Windows

\setuperr.log
2015-05-20 09:46 - 2015-05-20 09:46

- 00003874 _____ () C:\Windows

\System32\Tasks\Google Update
2015-05-20 09:46 - 2015-05-20 09:46

- 00003694 _____ () C:\Windows

\System32\Tasks\Adobe Reader and

Acrobat Manager
2015-05-20 09:39 - 2015-05-20 09:39

- 00000000 ____D () C:\ProgramData

\Microsoft\Windows\Start Menu

\Programs\AVG PC TuneUp 2015
2015-05-20 09:37 - 2015-05-20 09:37

- 00000000 ____D () C:\Users

\Sinnfamily\AppData\Local\Avg
2015-05-17 14:05 - 2015-05-21 06:17

- 00000000 ____D () C:\Users

\Sinnfamily\Desktop\Tre shower
2015-05-17 12:27 - 2015-05-17 12:27

- 00403453 _____ () C:\Users

\Sinnfamily\Documents\Tom Daddy

game.ods
2015-05-17 12:18 - 2015-05-17 12:18

- 00073896 _____ () C:\Users

\Sinnfamily\Desktop\[SURVEY

PREVIEW MODE] Spring into Summer

Feedback 2014 Survey Last years.htm
2015-05-14 18:10 - 2015-05-17 04:28

- 00000000 ____D () C:\Program Files

(x86)\Mozilla Firefox
2015-05-13 16:02 - 2015-05-13 16:02

- 00010896 _____ () C:\Users

\Sinnfamily\Desktop\upcoming

events.odt
2015-05-13 03:03 - 2015-05-01 08:17

- 00124112 _____ (Microsoft

Corporation) C:\Windows

\system32\PresentationCFFRasterizer

Native_v0300.dll
2015-05-13 03:03 - 2015-05-01 08:16

- 00102608 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\PresentationCFFRasterize

rNative_v0300.dll
2015-05-12 14:49 - 2015-05-04 20:29

- 00342016 _____ (Microsoft

Corporation) C:\Windows

\system32\schannel.dll
2015-05-12 14:49 - 2015-05-04 20:12

- 00248832 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\schannel.dll
2015-05-12 14:49 - 2015-04-21 21:28

- 00389840 _____ (Microsoft

Corporation) C:\Windows

\system32\iedkcs32.dll
2015-05-12 14:49 - 2015-04-21 20:48

- 00342736 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\iedkcs32.dll
2015-05-12 14:49 - 2015-04-21 12:14

- 24971776 _____ (Microsoft

Corporation) C:\Windows

\system32\mshtml.dll
2015-05-12 14:49 - 2015-04-21 12:08

- 02724864 _____ (Microsoft

Corporation) C:\Windows

\system32\mshtml.tlb
2015-05-12 14:49 - 2015-04-21 12:07

- 00004096 _____ (Microsoft

Corporation) C:\Windows

\system32\ieetwcollectorres.dll
2015-05-12 14:49 - 2015-04-21 11:51

- 00066560 _____ (Microsoft

Corporation) C:\Windows

\system32\iesetup.dll
2015-05-12 14:49 - 2015-04-21 11:50

- 00584192 _____ (Microsoft

Corporation) C:\Windows

\system32\vbscript.dll
2015-05-12 14:49 - 2015-04-21 11:50

- 00417792 _____ (Microsoft

Corporation) C:\Windows

\system32\html.iec
2015-05-12 14:49 - 2015-04-21 11:50

- 00048640 _____ (Microsoft

Corporation) C:\Windows

\system32\ieetwproxystub.dll
2015-05-12 14:49 - 2015-04-21 11:49

- 02885120 _____ (Microsoft

Corporation) C:\Windows

\system32\iertutil.dll
2015-05-12 14:49 - 2015-04-21 11:48

- 00088064 _____ (Microsoft

Corporation) C:\Windows

\system32\MshtmlDac.dll
2015-05-12 14:49 - 2015-04-21 11:41

- 00054784 _____ (Microsoft

Corporation) C:\Windows

\system32\jsproxy.dll
2015-05-12 14:49 - 2015-04-21 11:40

- 00034304 _____ (Microsoft

Corporation) C:\Windows

\system32\iernonce.dll
2015-05-12 14:49 - 2015-04-21 11:37

- 00633856 _____ (Microsoft

Corporation) C:\Windows

\system32\ieui.dll
2015-05-12 14:49 - 2015-04-21 11:35

- 00816640 _____ (Microsoft

Corporation) C:\Windows

\system32\jscript.dll
2015-05-12 14:49 - 2015-04-21 11:35

- 00144384 _____ (Microsoft

Corporation) C:\Windows

\system32\ieUnatt.exe
2015-05-12 14:49 - 2015-04-21 11:35

- 00114688 _____ (Microsoft

Corporation) C:\Windows

\system32\ieetwcollector.exe
2015-05-12 14:49 - 2015-04-21 11:34

- 00814080 _____ (Microsoft

Corporation) C:\Windows

\system32\jscript9diag.dll
2015-05-12 14:49 - 2015-04-21 11:31

- 06025728 _____ (Microsoft

Corporation) C:\Windows

\system32\jscript9.dll
2015-05-12 14:49 - 2015-04-21 11:26

- 00968704 _____ (Microsoft

Corporation) C:\Windows

\system32\MsSpellCheckingFacility.ex

e
2015-05-12 14:49 - 2015-04-21 11:25

- 02724864 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\mshtml.tlb
2015-05-12 14:49 - 2015-04-21 11:24

- 19691008 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\mshtml.dll
2015-05-12 14:49 - 2015-04-21 11:22

- 00490496 _____ (Microsoft

Corporation) C:\Windows

\system32\dxtmsft.dll
2015-05-12 14:49 - 2015-04-21 11:14

- 00077824 _____ (Microsoft

Corporation) C:\Windows

\system32\JavaScriptCollectionAgent.

dll
2015-05-12 14:49 - 2015-04-21 11:11

- 00504320 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\vbscript.dll
2015-05-12 14:49 - 2015-04-21 11:11

- 00062464 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\iesetup.dll
2015-05-12 14:49 - 2015-04-21 11:10

- 00047616 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\ieetwproxystub.dll
2015-05-12 14:49 - 2015-04-21 11:09

- 00341504 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\html.iec
2015-05-12 14:49 - 2015-04-21 11:09

- 00199680 _____ (Microsoft

Corporation) C:\Windows

\system32\msrating.dll
2015-05-12 14:49 - 2015-04-21 11:08

- 00092160 _____ (Microsoft

Corporation) C:\Windows

\system32\mshtmled.dll
2015-05-12 14:49 - 2015-04-21 11:08

- 00064000 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\MshtmlDac.dll
2015-05-12 14:49 - 2015-04-21 11:05

- 00316928 _____ (Microsoft

Corporation) C:\Windows

\system32\dxtrans.dll
2015-05-12 14:49 - 2015-04-21 11:04

- 02278400 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\iertutil.dll
2015-05-12 14:49 - 2015-04-21 11:03

- 00047104 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\jsproxy.dll
2015-05-12 14:49 - 2015-04-21 11:02

- 00030720 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\iernonce.dll
2015-05-12 14:49 - 2015-04-21 11:00

- 00478208 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\ieui.dll
2015-05-12 14:49 - 2015-04-21 10:58

- 00664576 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\jscript.dll
2015-05-12 14:49 - 2015-04-21 10:58

- 00115712 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\ieUnatt.exe
2015-05-12 14:49 - 2015-04-21 10:57

- 00620032 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\jscript9diag.dll
2015-05-12 14:49 - 2015-04-21 10:49

- 00801280 _____ (Microsoft

Corporation) C:\Windows

\system32\msfeeds.dll
2015-05-12 14:49 - 2015-04-21 10:49

- 00720384 _____ (Microsoft

Corporation) C:\Windows

\system32\ie4uinit.exe
2015-05-12 14:49 - 2015-04-21 10:48

- 00418304 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\dxtmsft.dll
2015-05-12 14:49 - 2015-04-21 10:47

- 01359360 _____ (Microsoft

Corporation) C:\Windows

\system32\mshtmlmedia.dll
2015-05-12 14:49 - 2015-04-21 10:46

- 02125824 _____ (Microsoft

Corporation) C:\Windows

\system32\inetcpl.cpl
2015-05-12 14:49 - 2015-04-21 10:43

- 00060416 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\JavaScriptCollectionAgen

t.dll
2015-05-12 14:49 - 2015-04-21 10:40

- 14401536 _____ (Microsoft

Corporation) C:\Windows

\system32\ieframe.dll
2015-05-12 14:49 - 2015-04-21 10:39

- 00168960 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\msrating.dll
2015-05-12 14:49 - 2015-04-21 10:38

- 00076288 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\mshtmled.dll
2015-05-12 14:49 - 2015-04-21 10:36

- 00285696 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\dxtrans.dll
2015-05-12 14:49 - 2015-04-21 10:31

- 04305920 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\jscript9.dll
2015-05-12 14:49 - 2015-04-21 10:27

- 02352128 _____ (Microsoft

Corporation) C:\Windows

\system32\wininet.dll
2015-05-12 14:49 - 2015-04-21 10:26

- 00688640 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\msfeeds.dll
2015-05-12 14:49 - 2015-04-21 10:25

- 02052608 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\inetcpl.cpl
2015-05-12 14:49 - 2015-04-21 10:24

- 01155072 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\mshtmlmedia.dll
2015-05-12 14:49 - 2015-04-21 10:17

- 12828672 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\ieframe.dll
2015-05-12 14:49 - 2015-04-21 10:15

- 01547264 _____ (Microsoft

Corporation) C:\Windows

\system32\urlmon.dll
2015-05-12 14:49 - 2015-04-21 10:03

- 00800768 _____ (Microsoft

Corporation) C:\Windows

\system32\ieapfltr.dll
2015-05-12 14:49 - 2015-04-21 10:02

- 01882112 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\wininet.dll
2015-05-12 14:49 - 2015-04-21 09:58

- 01310208 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\urlmon.dll
2015-05-12 14:49 - 2015-04-21 09:56

- 00710144 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\ieapfltr.dll
2015-05-12 14:49 - 2015-04-17 22:10

- 00460800 _____ (Microsoft

Corporation) C:\Windows

\system32\certcli.dll
2015-05-12 14:49 - 2015-04-17 21:56

- 00342016 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\certcli.dll
2015-05-12 14:49 - 2015-04-12 22:28

- 00328704 _____ (Microsoft

Corporation) C:\Windows

\system32\services.exe
2015-05-12 14:48 - 2015-04-27 14:28

- 05569984 _____ (Microsoft

Corporation) C:\Windows

\system32\ntoskrnl.exe
2015-05-12 14:48 - 2015-04-27 14:28

- 00155584 _____ (Microsoft

Corporation) C:\Windows

\system32\Drivers\ksecpkg.sys
2015-05-12 14:48 - 2015-04-27 14:28

- 00095680 _____ (Microsoft

Corporation) C:\Windows

\system32\Drivers\ksecdd.sys
2015-05-12 14:48 - 2015-04-27 14:26

- 01728960 _____ (Microsoft

Corporation) C:\Windows

\system32\ntdll.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 01461760 _____ (Microsoft

Corporation) C:\Windows

\system32\lsasrv.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 01254400 _____ (Microsoft

Corporation) C:\Windows

\system32\diagtrack.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 01162752 _____ (Microsoft

Corporation) C:\Windows

\system32\kernel32.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00879104 _____ (Microsoft

Corporation) C:\Windows

\system32\tdh.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00879104 _____ (Microsoft

Corporation) C:\Windows

\system32\advapi32.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00728064 _____ (Microsoft

Corporation) C:\Windows

\system32\kerberos.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00503808 _____ (Microsoft

Corporation) C:\Windows

\system32\srcore.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00424448 _____ (Microsoft

Corporation) C:\Windows

\system32\KernelBase.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00362496 _____ (Microsoft

Corporation) C:\Windows

\system32\wow64win.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00314880 _____ (Microsoft

Corporation) C:\Windows

\system32\msv1_0.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00309760 _____ (Microsoft

Corporation) C:\Windows

\system32\ncrypt.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00243712 _____ (Microsoft

Corporation) C:\Windows

\system32\wow64.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00215040 _____ (Microsoft

Corporation) C:\Windows

\system32\winsrv.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00210944 _____ (Microsoft

Corporation) C:\Windows

\system32\wdigest.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00136192 _____ (Microsoft

Corporation) C:\Windows

\system32\sspicli.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00113664 _____ (Microsoft

Corporation) C:\Windows

\system32\sechost.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00086528 _____ (Microsoft

Corporation) C:\Windows

\system32\TSpkg.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00050176 _____ (Microsoft

Corporation) C:\Windows

\system32\srclient.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00043520 _____ (Microsoft

Corporation) C:\Windows

\system32\csrsrv.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00029184 _____ (Microsoft

Corporation) C:\Windows

\system32\sspisrv.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00028160 _____ (Microsoft

Corporation) C:\Windows

\system32\secur32.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00022016 _____ (Microsoft

Corporation) C:\Windows

\system32\credssp.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00016384 _____ (Microsoft

Corporation) C:\Windows

\system32\ntvdm64.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00013312 _____ (Microsoft

Corporation) C:\Windows

\system32\wow64cpu.dll
2015-05-12 14:48 - 2015-04-27 14:22

- 00404992 _____ (Microsoft

Corporation) C:\Windows

\system32\tracerpt.exe
2015-05-12 14:48 - 2015-04-27 14:22

- 00338432 _____ (Microsoft

Corporation) C:\Windows

\system32\conhost.exe
2015-05-12 14:48 - 2015-04-27 14:22

- 00296960 _____ (Microsoft

Corporation) C:\Windows

\system32\rstrui.exe
2015-05-12 14:48 - 2015-04-27 14:22

- 00112640 _____ (Microsoft

Corporation) C:\Windows

\system32\smss.exe
2015-05-12 14:48 - 2015-04-27 14:22

- 00104448 _____ (Microsoft

Corporation) C:\Windows

\system32\logman.exe
2015-05-12 14:48 - 2015-04-27 14:22

- 00047104 _____ (Microsoft

Corporation) C:\Windows

\system32\typeperf.exe
2015-05-12 14:48 - 2015-04-27 14:22

- 00043008 _____ (Microsoft

Corporation) C:\Windows

\system32\relog.exe
2015-05-12 14:48 - 2015-04-27 14:22

- 00031232 _____ (Microsoft

Corporation) C:\Windows

\system32\lsass.exe
2015-05-12 14:48 - 2015-04-27 14:22

- 00019456 _____ (Microsoft

Corporation) C:\Windows

\system32\diskperf.exe
2015-05-12 14:48 - 2015-04-27 14:21

- 00064000 _____ (Microsoft

Corporation) C:\Windows

\system32\auditpol.exe
2015-05-12 14:48 - 2015-04-27 14:18

- 00146432 _____ (Microsoft

Corporation) C:\Windows

\system32\msaudite.dll
2015-05-12 14:48 - 2015-04-27 14:18

- 00060416 _____ (Microsoft

Corporation) C:\Windows

\system32\msobjs.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00686080 _____ (Microsoft

Corporation) C:\Windows

\system32\adtschema.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00006656 _____ (Microsoft

Corporation) C:\Windows

\system32\apisetschema.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00006144 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-security-base-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00005120 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-file-l1-1-

0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00004608 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

threadpool-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00004608 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

processthreads-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00004096 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-sysinfo-l1

-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00004096 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-synch-l1-

1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00004096 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

localregistry-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00004096 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

localization-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

rtlsupport-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

processenvironment-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

namedpipe-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-misc-l1-1

-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-memory-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

libraryloader-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-heap-l1-1

-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-xstate-l1

-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-util-l1-1-

0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-string-l1-

1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-profile-l1

-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-io-l1-1-

0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

interlocked-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-handle-l1

-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-fibers-l1-

1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

errorhandling-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

delayload-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-debug-l1

-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-datetime-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-console-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:11

- 03989440 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\ntkrnlpa.exe
2015-05-12 14:48 - 2015-04-27 14:11

- 03934144 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\ntoskrnl.exe
2015-05-12 14:48 - 2015-04-27 14:08

- 01310744 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\ntdll.dll
2015-05-12 14:48 - 2015-04-27 14:05

- 00635392 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\tdh.dll
2015-05-12 14:48 - 2015-04-27 14:05

- 00259584 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\msv1_0.dll
2015-05-12 14:48 - 2015-04-27 14:05

- 00221184 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\ncrypt.dll
2015-05-12 14:48 - 2015-04-27 14:05

- 00172032 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\wdigest.dll
2015-05-12 14:48 - 2015-04-27 14:05

- 00092160 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\sechost.dll
2015-05-12 14:48 - 2015-04-27 14:05

- 00065536 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\TSpkg.dll
2015-05-12 14:48 - 2015-04-27 14:05

- 00043008 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\srclient.dll
2015-05-12 14:48 - 2015-04-27 14:05

- 00022016 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\secur32.dll
2015-05-12 14:48 - 2015-04-27 14:05

- 00014336 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\ntvdm64.dll
2015-05-12 14:48 - 2015-04-27 14:04

- 00641536 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\advapi32.dll
2015-05-12 14:48 - 2015-04-27 14:04

- 00550912 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\kerberos.dll
2015-05-12 14:48 - 2015-04-27 14:04

- 00364544 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\tracerpt.exe
2015-05-12 14:48 - 2015-04-27 14:04

- 00082944 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\logman.exe
2015-05-12 14:48 - 2015-04-27 14:04

- 00040448 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\typeperf.exe
2015-05-12 14:48 - 2015-04-27 14:04

- 00037888 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\relog.exe
2015-05-12 14:48 - 2015-04-27 14:04

- 00025600 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\setup16.exe
2015-05-12 14:48 - 2015-04-27 14:04

- 00017408 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\credssp.dll
2015-05-12 14:48 - 2015-04-27 14:03

- 01114112 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\kernel32.dll
2015-05-12 14:48 - 2015-04-27 14:03

- 00274944 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\KernelBase.dll
2015-05-12 14:48 - 2015-04-27 14:03

- 00096768 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\sspicli.dll
2015-05-12 14:48 - 2015-04-27 14:03

- 00050176 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\auditpol.exe
2015-05-12 14:48 - 2015-04-27 14:03

- 00017408 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\diskperf.exe
2015-05-12 14:48 - 2015-04-27 14:03

- 00005120 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\wow32.dll
2015-05-12 14:48 - 2015-04-27 14:01

- 00146432 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\msaudite.dll
2015-05-12 14:48 - 2015-04-27 14:01

- 00060416 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\msobjs.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00686080 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\adtschema.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00006656 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\apisetschema.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00005120 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-file-l1-1

-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00004608 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

processthreads-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00004096 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-sysinfo-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00004096 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-synch-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00004096 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-misc-l1

-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00004096 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

localregistry-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00004096 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

localization-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

processenvironment-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

namedpipe-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

memory-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

libraryloader-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

interlocked-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-heap-l1

-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-string-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

rtlsupport-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-profile-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-io-l1-1-

0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-handle-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-fibers-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

errorhandling-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

delayload-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-debug-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

datetime-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

console-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:06

- 00036864 _____ (Microsoft

Corporation) C:\Windows

\system32\UtcResources.dll
2015-05-12 14:48 - 2015-04-27 12:57

- 00007680 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\instnm.exe
2015-05-12 14:48 - 2015-04-27 12:57

- 00002048 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\user.exe
2015-05-12 14:48 - 2015-04-27 12:55

- 00006144 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-security-

base-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 12:55

- 00004608 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

threadpool-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 12:55

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-xstate-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 12:55

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-util-l1-

1-0.dll
2015-05-12 14:48 - 2015-04-19 22:17

- 01647104 _____ (Microsoft

Corporation) C:\Windows

\system32\DWrite.dll
2015-05-12 14:48 - 2015-04-19 22:17

- 01179136 _____ (Microsoft

Corporation) C:\Windows

\system32\FntCache.dll
2015-05-12 14:48 - 2015-04-19 21:56

- 01250816 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\DWrite.dll
2015-05-12 14:48 - 2015-04-19 21:11

- 03204608 _____ (Microsoft

Corporation) C:\Windows

\system32\win32k.sys
2015-05-12 14:48 - 2015-04-07 22:29

- 00275456 _____ (Microsoft

Corporation) C:\Windows

\system32\InkEd.dll
2015-05-12 14:48 - 2015-04-07 22:29

- 00024576 _____ (Microsoft

Corporation) C:\Windows

\system32\jnwmon.dll
2015-05-12 14:48 - 2015-04-07 22:14

- 00216064 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\InkEd.dll
2015-05-12 14:48 - 2015-03-03 23:41

- 00342016 _____ (Microsoft

Corporation) C:\Windows

\system32\apphelp.dll
2015-05-12 14:48 - 2015-03-03 23:41

- 00072192 _____ (Microsoft

Corporation) C:\Windows

\system32\aelupsvc.dll
2015-05-12 14:48 - 2015-03-03 23:41

- 00023552 _____ (Microsoft

Corporation) C:\Windows

\system32\sdbinst.exe
2015-05-12 14:48 - 2015-03-03 23:41

- 00006656 _____ (Microsoft

Corporation) C:\Windows

\system32\shimeng.dll
2015-05-12 14:48 - 2015-03-03 23:11

- 00005120 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\shimeng.dll
2015-05-12 14:48 - 2015-03-03 23:10

- 00295936 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\apphelp.dll
2015-05-12 14:48 - 2015-03-03 23:10

- 00020992 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\sdbinst.exe
2015-05-12 14:48 - 2015-02-18 02:06

- 00123904 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\poqexec.exe
2015-05-12 14:48 - 2015-02-18 02:04

- 00142336 _____ (Microsoft

Corporation) C:\Windows

\system32\poqexec.exe
2015-05-12 14:48 - 2015-01-28 22:19

- 02543104 _____ (Microsoft

Corporation) C:\Windows

\system32\wpdshext.dll
2015-05-12 14:48 - 2015-01-28 22:02

- 02311168 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\wpdshext.dll
2015-05-11 22:02 - 2015-05-11 22:02

- 00000298 _____ () C:\Users

\Sinnfamily\Desktop\parking.txt
2015-05-09 23:33 - 2015-05-09 23:33

- 00000488 _____ () C:\Users

\Sinnfamily\Desktop\setup for

Heather.txt
2015-05-07 19:04 - 2015-05-15 04:21

- 00020716 _____ () C:\Users

\Sinnfamily\Desktop\planning.ods
2015-05-07 15:32 - 2015-05-07 15:32

- 00188416 _____ () C:\Users

\Sinnfamily\Desktop\certificate-of-

participation-1.pot
2015-04-27 10:01 - 2015-04-27 10:01

- 00000049 _____ () C:\Users

\Sinnfamily\Desktop\link to JSA

womans page.txt

==================== One

Month Modified files and folders

========

(If an entry is included in the fixlist,

the file/folder will be moved.)

2015-05-22 16:12 - 2009-11-26 12:46

- 01296374 _____ () C:\Windows

\WindowsUpdate.log
2015-05-22 16:10 - 2014-12-31 22:06

- 00000348 _____ () C:\Windows

\Tasks\HP Photo Creations

Communicator.job
2015-05-22 16:10 - 2013-03-20 10:23

- 00000412 _____ () C:\Windows

\Tasks

\FreeFileViewerUpdateChecker.job
2015-05-22 16:10 - 2011-09-21 15:49

- 00000894 _____ () C:\Windows

\Tasks

\GoogleUpdateTaskMachineCore.job
2015-05-22 16:09 - 2009-07-14 00:08

- 00000006 ____H () C:\Windows

\Tasks\SA.DAT
2015-05-22 16:03 - 2009-07-13 23:45

- 00018736 ____H () C:\Windows

\system32\7B296FB0-376B-497e-

B012-9C450E1B7327-5P-1.C7483456

-A289-439d-8115-601632D005A0
2015-05-22 16:03 - 2009-07-13 23:45

- 00018736 ____H () C:\Windows

\system32\7B296FB0-376B-497e-

B012-9C450E1B7327-5P-0.C7483456

-A289-439d-8115-601632D005A0
2015-05-22 16:00 - 2013-06-13 11:32

- 00000830 _____ () C:\Windows

\Tasks\Adobe Flash Player

Updater.job
2015-05-22 16:00 - 2009-07-14 00:13

- 00782510 _____ () C:\Windows

\system32\PerfStringBackup.INI
2015-05-22 15:59 - 2011-02-15 13:35

- 00000928 _____ () C:\Windows

\Tasks\GoogleUpdateTaskUserS-1-5-

21-2643768202-156854014-

2583388340-1001UA.job
2015-05-22 15:54 - 2011-02-15 13:35

- 00000876 _____ () C:\Windows

\Tasks\GoogleUpdateTaskUserS-1-5-

21-2643768202-156854014-

2583388340-1001Core.job
2015-05-22 15:49 - 2011-09-21 15:49

- 00000898 _____ () C:\Windows

\Tasks

\GoogleUpdateTaskMachineUA.job
2015-05-21 19:58 - 2009-12-20 10:43

- 00000000 ____D () C:\Users

\Sinnfamily\AppData\Roaming\Adobe
2015-05-21 06:23 - 2011-11-11 21:22

- 00000114 _____ () C:\Users

\Sinnfamily\jobq.dat
2015-05-21 06:22 - 2015-01-29 23:21

- 00000000 ____D () C:\Users

\Sinnfamily\Desktop\2015 SIS
2015-05-21 06:18 - 2011-04-11 23:59

- 00000000 ____D () C:\Users

\Sinnfamily\Desktop\Family tree
2015-05-21 06:17 - 2014-01-17 20:26

- 00000000 ____D () C:\Users

\Sinnfamily\Desktop\SIS 2014
2015-05-21 06:17 - 2010-12-11 22:17

- 00000000 ____D () C:\Users

\Sinnfamily\Desktop\BBR handouts &

interview stuff
2015-05-20 19:48 - 2010-09-17 22:46

- 00000000 ____D () C:\Users

\Sinnfamily\Desktop\New folder
2015-05-20 16:41 - 2010-09-30 09:14

- 00000000 ____D () C:\ProgramData

\MFAData
2015-05-20 16:13 - 2011-04-09 20:27

- 00000000 ____D () C:\Windows

\RegisteredPackages
2015-05-20 16:12 - 2014-02-16 13:40

- 00000000 ____D () C:\Program

Files\Conduit
2015-05-20 16:12 - 2014-02-16 13:40

- 00000000 ____D () C:\Program Files

(x86)\Conduit
2015-05-20 15:34 - 2012-01-01 11:18

- 00000000 ____D () C:\Windows\pss
2015-05-20 10:32 - 2014-12-13 20:32

- 00000352 _____ () C:\Windows

\Tasks

\HPCeeScheduleForSinnfamily.job
2015-05-20 09:45 - 2011-01-10 18:38

- 00000000 ____D () C:\Users

\Sinnfamily\AppData\Roaming\Skype
2015-05-20 09:45 - 2009-12-21 17:00

- 00000000 ____D () C:\Users

\Sinnfamily\AppData\Roaming

\HpUpdate
2015-05-20 09:45 - 2009-08-21 14:36

- 00000000 ____D () C:\ProgramData

\Temp
2015-05-20 09:45 - 2009-07-13 22:20

- 00000000 ____D () C:\Windows

\system32\sysprep
2015-05-20 09:40 - 2012-10-06 19:07

- 00000000 ____D () C:\ProgramData

\AVG
2015-05-20 09:39 - 2011-11-04 00:29

- 00000000 ____D () C:\Users

\Sinnfamily\AppData\Roaming\AVG
2015-05-20 09:39 - 2010-02-21 19:42

- 00000000 ____D () C:\Program Files

(x86)\AVG
2015-05-20 08:10 - 2014-12-13 20:32

- 00003216 _____ () C:\Windows

\System32\Tasks

\HPCeeScheduleForSinnfamily
2015-05-20 07:56 - 2009-07-14 00:08

- 00032560 _____ () C:\Windows

\Tasks\SCHEDLGU.TXT
2015-05-19 18:32 - 2012-04-08 14:23

- 00000000 ____D () C:\Users

\Sinnfamily\Desktop\BBR2012
2015-05-19 18:10 - 2015-04-05 03:01

- 00000000 ___SD () C:\Windows

\SysWOW64\GWX
2015-05-19 18:10 - 2015-04-05 03:01

- 00000000 ___SD () C:\Windows

\system32\GWX
2015-05-18 15:30 - 2011-04-09 20:27

- 00000000 ____D () C:\Users

\Sinnfamily\Documents\Family Tree

Maker
2015-05-17 04:54 - 2011-02-15 13:35

- 00003908 _____ () C:\Windows

\System32\Tasks

\GoogleUpdateTaskUserS-1-5-21-

2643768202-156854014-2583388340

-1001UA
2015-05-17 04:54 - 2011-02-15 13:35

- 00003512 _____ () C:\Windows

\System32\Tasks

\GoogleUpdateTaskUserS-1-5-21-

2643768202-156854014-2583388340

-1001Core
2015-05-17 04:28 - 2014-02-14 21:27

- 00000000 ____D () C:\Program Files

(x86)\Mozilla Maintenance Service
2015-05-16 19:27 - 2015-03-01 00:55

- 00000052 _____ () C:\Windows

\SysWOW64\DOErrors.log
2015-05-15 15:44 - 2011-09-21 15:49

- 00003894 _____ () C:\Windows

\System32\Tasks

\GoogleUpdateTaskMachineUA
2015-05-15 15:44 - 2011-09-21 15:49

- 00003642 _____ () C:\Windows

\System32\Tasks

\GoogleUpdateTaskMachineCore
2015-05-13 06:53 - 2009-07-13 22:20

- 00000000 ____D () C:\Windows

\rescache
2015-05-13 03:36 - 2009-07-13 23:45

- 00359008 _____ () C:\Windows

\system32\FNTCACHE.DAT
2015-05-13 03:35 - 2013-03-14 03:01

- 00000000 ____D () C:\Program

Files\Microsoft Silverlight
2015-05-13 03:35 - 2013-03-14 03:01

- 00000000 ____D () C:\Program Files

(x86)\Microsoft Silverlight
2015-05-13 03:32 - 2009-07-14 02:45

- 00000000 ____D () C:\Program

Files\Windows Journal
2015-05-13 03:32 - 2009-07-13 22:20

- 00000000 ____D () C:\Windows

\system32\AdvancedInstallers
2015-05-13 03:13 - 2013-08-01 03:05

- 00000000 ____D () C:\Windows

\system32\MRT
2015-05-13 03:08 - 2009-12-23 06:44

- 140425016 _____ (Microsoft

Corporation) C:\Windows

\system32\MRT.exe
2015-05-13 03:03 - 2013-03-14 03:02

- 00000000 ____D () C:\ProgramData

\Microsoft\Windows\Start Menu

\Programs\Microsoft Silverlight
2015-05-11 08:30 - 2012-08-08 23:54

- 00000000 ____D () C:\Users

\Sinnfamily\Desktop\Newletter
2015-05-04 09:08 - 2010-01-14 19:11

- 00000000 ____D () C:\Users

\Sinnfamily\Desktop\Bills paid
2015-05-04 08:23 - 2009-07-13 22:20

- 00000000 ____D () C:\Windows

\system32\NDF
2015-05-04 07:48 - 2010-04-20 06:30

- 00000000 ____D () C:\Users

\Sinnfamily\Desktop\Scot's stuff
2015-05-04 07:46 - 2009-12-20 13:58

- 00029720 _____ () C:\Users

\Sinnfamily\AppData\Roaming

\wklnhst.dat
2015-04-30 16:38 - 2009-12-20 18:16

- 00000552 _____ () C:\Windows

\Tasks

\PCDRScheduledMaintenance.job
2015-04-30 07:06 - 2014-03-31 12:52

- 00000000 ____D () C:\ProgramData

\Microsoft\Windows\Start Menu

\Programs\AVG
2015-04-27 11:37 - 2013-10-22 08:27

- 00000000 ____D () C:\ProgramData

\Oracle
2015-04-27 11:37 - 2010-04-02 05:20

- 00000000 ____D () C:\Program Files

(x86)\Java
2015-04-27 11:36 - 2014-10-20 16:51

- 00098216 _____ (Oracle

Corporation) C:\Windows

\SysWOW64\WindowsAccessBridge-

32.dll

==================== Files

in the root of some directories

=======

2014-11-28 06:27 - 2015-03-12 23:04

- 0000115 _____ () C:\Users

\Sinnfamily\AppData\Roaming

\LogFile.txt
2009-12-20 13:58 - 2015-05-04 07:46

- 0029720 _____ () C:\Users

\Sinnfamily\AppData\Roaming

\wklnhst.dat
2011-10-04 16:39 - 2014-03-11 08:40

- 0123098 _____ () C:\Users

\Sinnfamily\AppData\Local\ars.cache
2011-10-04 16:39 - 2014-03-11 08:40

- 1687450 _____ () C:\Users

\Sinnfamily\AppData\Local

\census.cache
2010-01-21 22:06 - 2010-01-21 22:06

- 0000036 _____ () C:\Users

\Sinnfamily\AppData\Local

\housecall.guid.cache
2011-11-04 15:30 - 2012-03-02 15:37

- 0007616 _____ () C:\Users

\Sinnfamily\AppData\Local

\Resmon.ResmonCfg
2014-03-11 08:09 - 2014-03-11 08:09

- 0000010 _____ () C:\Users

\Sinnfamily\AppData\Local

\sponge.last.runtime.cache
2012-07-02 13:31 - 2012-07-02 13:31

- 2799039 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp008.JPG
2012-08-06 12:29 - 2012-08-06 12:30

- 2124933 _____ () C:\Users

\Sinnfamily\AppData\Local\tmp1.JPG
2011-03-22 12:37 - 2011-03-22 12:37

- 0083509 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp162721_1808201247450_1312501

035_2079019_43889_N[1].JPG
2011-08-23 20:28 - 2011-08-23 20:28

- 0014004 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp168319_1869646863991_1325676

592_2419376_8148056_N.JPG
2012-04-18 11:45 - 2012-04-18 11:45

- 1242447 _____ () C:\Users

\Sinnfamily\AppData\Local\tmp2012-

04-17_21-38-59_182.0
2012-04-18 11:45 - 2012-04-18 11:45

- 0499522 _____ () C:\Users

\Sinnfamily\AppData\Local\tmp2012-

04-17_21-38-59_182.JPG
2012-10-23 11:40 - 2012-10-23 11:40

- 1284650 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp20120205PARADE AWARD0001.0
2012-10-23 11:40 - 2012-10-23 11:40

- 0833582 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp20120205PARADE

AWARD0001.JPG
2011-05-08 17:02 - 2011-05-08 17:02

- 0012434 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp222240_158756360853195_10000

1564965041_380420_6001237_N.JPG
2011-06-18 23:29 - 2011-06-18 23:29

- 0276955 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp257237_117407341680488_10000

2336692814_156079_3039679_O.0
2011-06-18 23:29 - 2011-06-18 23:29

- 0247997 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp257237_117407341680488_10000

2336692814_156079_3039679_O.JPG
2012-10-28 12:49 - 2012-10-28 12:49

- 0040236 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp2B98A1C0D66B.JPG
2012-07-23 17:15 - 2012-07-23 17:15

- 0042681 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp530065_10151032695518389_150

0591922_N.JPG
2011-10-04 09:19 - 2011-10-04 09:19

- 0105908 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp533706_DEFAULT.JPG
2011-03-22 12:30 - 2011-03-22 12:30

- 0044793 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp6776_1225016944450_119979888

0_30669952_5465887_N[1].JPG
2012-03-04 15:59 - 2012-03-04 15:59

- 0007307 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp70760_100000487607807_190706

0964_N.0
2012-03-04 15:59 - 2012-03-04 15:59

- 0007478 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp70760_100000487607807_190706

0964_N.1
2012-03-04 15:59 - 2012-03-04 15:59

- 0007635 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp70760_100000487607807_190706

0964_N.JPG
2012-08-08 12:22 - 2012-08-08 12:22

- 0145542 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpBO0222.JPG
2010-06-14 19:30 - 2010-06-14 19:30

- 3815225 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpCURIOSITY[1].0
2010-06-14 19:30 - 2010-06-14 19:30

- 0749501 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpCURIOSITY[1].JPG
2012-08-12 10:03 - 2012-08-12 10:03

- 0078042 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDFJJDAYS.0
2012-08-12 10:03 - 2012-08-12 10:03

- 0073577 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDFJJDAYS.JPG
2012-08-04 13:50 - 2012-08-04 13:50

- 3744944 _____ () C:\Users

\Sinnfamily\AppData\Local\tmpDOTTY

2.JPG
2012-04-29 15:45 - 2012-04-29 15:45

- 3795290 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0066.JPG
2012-04-29 15:46 - 2012-04-29 15:46

- 4073377 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0067.JPG
2012-04-29 15:48 - 2012-04-29 15:48

- 3826196 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0068.JPG
2012-04-29 16:15 - 2012-04-29 16:15

- 3979096 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0069.JPG
2012-04-29 16:16 - 2012-04-29 16:16

- 3860447 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0071.JPG
2012-06-07 20:05 - 2012-06-07 20:05

- 1324937 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0113.0
2012-06-07 20:05 - 2012-06-07 20:05

- 1134693 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0113.JPG
2012-06-07 20:06 - 2012-06-07 20:10

- 1169968 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0114.0
2012-06-07 20:10 - 2012-06-07 20:10

- 1165070 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0114.JPG
2012-06-07 20:07 - 2012-06-07 20:07

- 1132928 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0115.0
2012-06-07 20:07 - 2012-06-07 20:07

- 1466839 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0115.JPG
2012-06-07 20:03 - 2012-06-07 20:03

- 1344625 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0121.0
2012-06-07 20:03 - 2012-06-07 20:03

- 0922643 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0121.JPG
2012-06-07 20:02 - 2012-06-07 20:02

- 1354697 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0126.0
2012-06-07 20:02 - 2012-06-07 20:02

- 0861878 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0126.JPG
2012-06-07 23:55 - 2012-06-07 23:55

- 3874104 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0129.JPG
2012-06-07 23:56 - 2012-06-07 23:56

- 0293557 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0129_CROP.JPG
2012-07-30 23:17 - 2012-07-30 23:17

- 3818272 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0222.0
2012-07-30 23:17 - 2012-07-30 23:17

- 1247679 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0222.1
2012-07-30 23:17 - 2012-07-30 23:17

- 1317022 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0222.JPG
2012-07-30 23:18 - 2012-07-30 23:18

- 3680209 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0223.0
2012-07-30 23:18 - 2012-07-30 23:18

- 1890416 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0223.JPG
2012-07-30 23:20 - 2012-07-30 23:20

- 4060088 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0224.0
2012-07-30 23:20 - 2012-07-30 23:20

- 1670553 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0224.JPG
2012-07-30 23:21 - 2012-07-30 23:21

- 3876040 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0225.0
2012-07-30 23:21 - 2012-07-30 23:21

- 1243214 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0225.JPG
2012-07-30 23:15 - 2012-07-30 23:15

- 3911025 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0228.0
2012-07-30 23:15 - 2012-07-30 23:15

- 1859570 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0228.JPG
2012-07-30 23:13 - 2012-07-30 23:13

- 3925542 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0230.0
2012-07-30 23:13 - 2012-07-30 23:13

- 1701643 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0230.JPG
2012-07-30 23:14 - 2012-07-30 23:14

- 3777079 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0231.0
2012-07-30 23:14 - 2012-07-30 23:14

- 1903590 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0231.JPG
2012-12-16 13:17 - 2012-12-16 13:17

- 2699209 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0423.0
2012-12-16 13:17 - 2012-12-16 13:17

- 0981494 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0423.JPG
2012-12-16 13:16 - 2012-12-16 13:16

- 2344082 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0427.JPG
2013-06-15 18:54 - 2013-06-15 18:54

- 3845545 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0646.JPG
2013-06-15 18:55 - 2013-06-15 18:55

- 3825319 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0648.JPG
2013-06-15 18:55 - 2013-06-15 18:55

- 3655438 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0654.JPG
2013-06-15 18:52 - 2013-06-15 18:52

- 3813732 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0657.JPG
2013-06-15 18:53 - 2013-06-15 18:53

- 3520275 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0661.JPG
2013-06-15 18:50 - 2013-06-15 18:50

- 3700495 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0662.JPG
2013-06-23 09:23 - 2013-06-23 09:23

- 3881342 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0669.JPG
2013-06-23 09:12 - 2013-06-23 09:12

- 4069139 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0683.JPG
2013-06-23 09:01 - 2013-06-23 09:01

- 3776503 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0692.JPG
2013-06-23 09:09 - 2013-06-23 09:09

- 3918280 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0693.JPG
2013-06-23 09:11 - 2013-06-23 09:11

- 4029641 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0694.JPG
2013-06-23 09:08 - 2013-06-23 09:08

- 3801721 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0695.JPG
2013-06-23 09:03 - 2013-06-23 09:03

- 4034112 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0696.0
2013-06-23 09:03 - 2013-06-23 09:03

- 1620362 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0696.JPG
2013-06-23 09:15 - 2013-06-23 09:15

- 3963372 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0699.JPG
2013-06-23 09:16 - 2013-06-23 09:16

- 3879562 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0700.JPG
2013-07-08 07:39 - 2013-07-08 07:39

- 4196228 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0709.JPG
2013-07-21 19:46 - 2013-07-21 19:46

- 3824830 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0757.JPG
2013-07-21 19:59 - 2013-07-21 19:59

- 4239298 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0766.JPG
2013-07-21 19:55 - 2013-07-21 19:55

- 3935137 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0775.0
2013-07-21 19:55 - 2013-07-21 19:55

- 1589176 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0775.JPG
2013-07-21 19:58 - 2013-07-21 19:58

- 3579938 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0777.0
2013-07-21 19:58 - 2013-07-21 19:58

- 1970441 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0777.JPG
2013-07-21 19:48 - 2013-07-21 19:48

- 3807746 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0779.0
2013-07-21 19:48 - 2013-07-21 19:48

- 1027164 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0779.JPG
2013-08-08 22:59 - 2013-08-08 22:59

- 3565728 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0824.JPG
2012-10-21 13:52 - 2012-10-21 13:52

- 2325452 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0878.JPG
2010-01-16 21:18 - 2010-01-16 21:18

- 2048379 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1417.JPG
2010-07-10 09:40 - 2010-07-10 09:40

- 1265628 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1469.JPG
2010-05-31 07:57 - 2010-05-31 07:57

- 1277265 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1487.JPG
2010-05-31 07:42 - 2010-05-31 07:42

- 1272013 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1541.JPG
2010-06-06 09:18 - 2010-06-06 09:18

- 1263599 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1549.JPG
2010-06-06 09:20 - 2010-06-06 09:20

- 1301262 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1551.JPG
2010-06-06 09:22 - 2010-06-06 09:22

- 1306984 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1553.0
2010-06-06 09:22 - 2010-06-06 09:22

- 0547400 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1553.JPG
2010-06-06 09:23 - 2010-06-06 09:23

- 1309557 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1557.0
2010-06-06 09:23 - 2010-06-06 09:23

- 0473630 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1557.JPG
2010-06-06 09:25 - 2010-06-06 09:25

- 1267254 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1565.0
2010-06-06 09:25 - 2010-06-06 09:25

- 0594259 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1565.JPG
2010-06-06 09:27 - 2010-06-06 09:27

- 1339875 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1568.0
2010-06-06 09:27 - 2010-06-06 09:27

- 0520586 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1568.JPG
2010-06-06 09:29 - 2010-06-06 09:29

- 1280711 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1569.0
2010-06-06 09:29 - 2010-06-06 09:29

- 0518193 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1569.JPG
2010-06-06 09:30 - 2010-06-06 09:30

- 1274621 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1570.0
2010-06-06 09:30 - 2010-06-06 09:30

- 0599313 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1570.JPG
2010-06-06 09:32 - 2010-06-06 09:32

- 1304661 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1572.0
2010-06-06 09:32 - 2010-06-06 09:32

- 0564461 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1572.JPG
2010-06-06 09:33 - 2010-06-06 09:33

- 1300830 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1578.JPG
2010-08-22 20:39 - 2010-08-22 20:39

- 0121084 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1640.JPG
2010-08-22 20:44 - 2010-08-22 20:44

- 0117011 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1644.JPG
2010-08-22 20:41 - 2010-08-22 20:41

- 0117101 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1654.JPG
2010-08-30 11:06 - 2010-08-30 11:06

- 0122993 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1695.0
2010-08-30 11:06 - 2010-08-30 11:06

- 0060817 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1695.JPG
2010-09-06 18:15 - 2010-09-06 18:15

- 0124348 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1714.0
2010-09-06 18:15 - 2010-09-06 18:15

- 0108811 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1714.JPG
2010-09-06 18:22 - 2010-09-06 18:22

- 0118396 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1739.JPG
2010-09-06 18:20 - 2010-09-06 18:20

- 0118228 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1742.JPG
2010-09-06 18:21 - 2010-09-06 18:21

- 0114721 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1743.0
2010-09-06 18:21 - 2010-09-06 18:21

- 0041374 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1743.JPG
2010-09-06 18:19 - 2010-09-06 18:19

- 0118885 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1744.0
2010-09-06 18:19 - 2010-09-06 18:19

- 0045942 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1744.JPG
2010-09-07 12:21 - 2010-09-07 12:21

- 0120370 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1745.0
2010-09-07 12:21 - 2010-09-07 12:21

- 0052945 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1745.JPG
2010-09-07 12:24 - 2010-09-07 12:24

- 0114235 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1747.0
2010-09-07 12:24 - 2010-09-07 12:24

- 0040090 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1747.1
2010-09-07 12:24 - 2010-09-07 12:24

- 0041416 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1747.JPG
2010-10-03 18:18 - 2010-10-03 18:18

- 0119938 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1773.JPG
2010-12-19 18:29 - 2010-12-19 18:28

- 1293192 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1852.0
2010-12-19 18:29 - 2010-12-19 18:29

- 0614563 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1852.1
2010-12-19 18:29 - 2010-12-19 18:29

- 0614469 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1852.JPG
2010-12-19 18:27 - 2010-12-19 18:27

- 1280704 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1876.0
2010-12-19 18:27 - 2010-12-19 18:27

- 0580990 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1876.1
2010-12-19 18:27 - 2010-12-19 18:27

- 0580948 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1876.2
2010-12-19 18:27 - 2010-12-19 18:27

- 0580913 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1876.3
2010-12-19 18:27 - 2010-12-19 18:27

- 0580919 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1876.JPG
2010-12-24 22:15 - 2010-12-24 22:15

- 1305656 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1901.0
2010-12-24 22:15 - 2010-12-24 22:15

- 0567634 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1901.1
2010-12-24 22:16 - 2010-12-24 22:15

- 0567657 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1901.2
2010-12-24 22:16 - 2010-12-24 22:16

- 0567635 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1901.3
2010-12-24 22:16 - 2010-12-24 22:16

- 0567637 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1901.JPG
2010-12-24 22:14 - 2010-12-24 22:14

- 1277706 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1905.0
2010-12-24 22:14 - 2010-12-24 22:14

- 0599806 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1905.1
2010-12-24 22:14 - 2010-12-24 22:14

- 0599755 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1905.JPG
2011-01-07 00:56 - 2011-01-07 00:56

- 1284286 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1916.0
2011-01-07 00:56 - 2011-01-07 00:56

- 0611358 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1916.JPG
2011-02-05 01:04 - 2011-02-05 01:04

- 1306128 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1935.JPG
2011-02-05 01:06 - 2011-02-05 01:06

- 1310801 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1938.JPG
2011-02-05 01:07 - 2011-02-05 01:07

- 1283349 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1939.JPG
2011-02-05 01:09 - 2011-02-05 01:09

- 1268925 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1941.JPG
2011-02-05 01:10 - 2011-02-05 01:10

- 1267643 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1942.JPG
2011-02-05 01:11 - 2011-02-05 01:11

- 1284254 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1943.JPG
2011-02-05 01:13 - 2011-02-05 01:14

- 1301055 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1947.0
2011-02-05 01:14 - 2011-02-05 01:14

- 0466224 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1947.JPG
2011-02-05 01:15 - 2011-02-05 01:15

- 1293138 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1949.0
2011-02-05 01:15 - 2011-02-05 01:15

- 0472954 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1949.JPG
2011-02-05 01:16 - 2011-02-05 01:16

- 1259107 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1950.0
2011-02-05 01:17 - 2011-02-05 01:16

- 0437101 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1950.JPG
2011-02-05 01:17 - 2011-02-05 01:17

- 1282235 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1954.JPG
2011-02-05 01:19 - 2011-02-05 01:19

- 1308872 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1960.JPG
2011-02-13 17:34 - 2011-02-13 17:34

- 1271178 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1963.JPG
2011-02-13 17:35 - 2011-02-13 17:35

- 1276081 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1964.JPG
2011-02-13 17:36 - 2011-02-13 17:36

- 1279742 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1965.JPG
2011-02-13 17:42 - 2011-02-13 17:42

- 1292904 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1972.0
2011-02-13 17:42 - 2011-02-13 17:42

- 0595188 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1972.JPG
2011-02-15 22:00 - 2011-02-15 22:00

- 1294126 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1986.JPG
2011-02-24 22:24 - 2011-02-24 22:24

- 1307352 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1991.0
2011-02-24 22:24 - 2011-02-24 22:24

- 0549948 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1991.JPG
2011-03-06 17:46 - 2011-03-06 17:46

- 1318782 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1997.JPG
2011-03-06 17:43 - 2011-03-06 17:43

- 1332932 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2002.0
2011-03-06 17:43 - 2011-03-06 17:43

- 0510210 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2002.JPG
2011-03-06 17:44 - 2011-03-06 17:44

- 1316416 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2003.JPG
2011-03-07 09:34 - 2011-03-07 09:33

- 1274890 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2004.0
2011-03-07 09:34 - 2011-03-07 09:34

- 0789483 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2004.JPG
2011-03-07 21:53 - 2011-03-07 21:53

- 1274885 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2005.JPG
2011-03-07 21:52 - 2011-03-07 21:52

- 1267421 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2010.JPG
2011-03-07 21:56 - 2011-03-07 21:56

- 1273974 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2011.JPG
2011-03-07 21:57 - 2011-03-07 21:57

- 1277302 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2013.JPG
2011-03-07 21:54 - 2011-03-07 21:54

- 1293404 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2017.JPG
2011-04-16 20:51 - 2011-04-16 20:51

- 1315581 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2025.JPG
2011-04-16 20:51 - 2011-04-16 20:51

- 1292080 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2026.JPG
2011-04-16 20:49 - 2011-04-16 20:49

- 1314801 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2035.0
2011-04-16 20:49 - 2011-04-16 20:49

- 0599006 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2035.JPG
2011-04-25 15:20 - 2011-04-25 15:20

- 1307596 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2112.JPG
2011-04-30 22:38 - 2011-04-30 22:38

- 1298066 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2136.JPG
2011-04-30 22:39 - 2011-04-30 22:39

- 1322262 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2138.JPG
2011-04-30 22:40 - 2011-04-30 22:40

- 1309634 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2139.JPG
2011-04-30 22:41 - 2011-04-30 22:41

- 1322904 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2140.JPG
2011-06-12 13:52 - 2011-06-12 13:52

- 1262679 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2169.JPG
2011-06-12 13:55 - 2011-06-12 13:55

- 1279366 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2177.JPG
2011-06-12 13:49 - 2011-06-12 13:49

- 1261334 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2180.JPG
2011-06-12 13:50 - 2011-06-12 13:50

- 1293257 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2182.JPG
2011-06-17 22:31 - 2011-06-17 22:31

- 1321172 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2183.0
2011-06-17 22:31 - 2011-06-17 22:31

- 0509959 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2183.JPG
2011-06-19 22:04 - 2011-06-19 22:04

- 0116703 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2187.JPG
2011-06-19 22:05 - 2011-06-19 22:05

- 0116082 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2190.JPG
2011-06-19 22:01 - 2011-06-19 22:01

- 0117748 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2193.JPG
2011-06-19 22:03 - 2011-06-19 22:03

- 0117035 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2197.JPG
2011-06-19 22:06 - 2011-06-19 22:06

- 0118663 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2200.JPG
2011-07-18 13:17 - 2011-07-18 13:17

- 0123013 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2229.0
2011-07-18 13:17 - 2011-07-18 13:17

- 0068474 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2229.JPG
2011-08-29 17:35 - 2011-08-29 17:35

- 0120964 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2385.JPG
2011-09-11 20:25 - 2011-09-11 20:25

- 0122540 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2393.JPG
2011-09-11 20:24 - 2011-09-11 20:24

- 0125335 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2395.JPG
2011-09-11 20:26 - 2011-09-11 20:26

- 0123971 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2398.JPG
2011-09-11 20:29 - 2011-09-11 20:29

- 0119387 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2405.JPG
2011-09-11 20:32 - 2011-09-11 20:32

- 0118672 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2421.JPG
2011-09-18 17:40 - 2011-09-18 17:40

- 1304426 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2449.JPG
2011-09-18 17:43 - 2011-09-18 17:43

- 1288406 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2458.JPG
2011-09-18 17:44 - 2011-09-18 17:44

- 1312647 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2459.JPG
2011-10-10 13:12 - 2011-10-10 13:12

- 1273619 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2582.JPG
2011-10-04 10:50 - 2011-10-04 10:50

- 1300377 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2616.0
2011-10-04 10:50 - 2011-10-04 10:50

- 0466372 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2616.JPG
2011-10-04 10:44 - 2011-10-04 10:44

- 1256158 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2623.0
2011-10-04 10:44 - 2011-10-04 10:44

- 0675864 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2623.JPG
2011-10-04 10:46 - 2011-10-04 10:46

- 1271643 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2625.0
2011-10-04 10:46 - 2011-10-04 10:47

- 1271643 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2625.JPG
2011-10-04 10:43 - 2011-10-04 10:43

- 1297844 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2629.0
2011-10-04 10:43 - 2011-10-04 10:43

- 0418412 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2629.JPG
2011-10-04 10:41 - 2011-10-04 10:41

- 1315743 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2632.0
2011-10-04 10:41 - 2011-10-04 10:41

- 0397200 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2632.JPG
2011-10-04 10:40 - 2011-10-04 10:40

- 1276351 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2633.JPG
2011-10-04 10:27 - 2011-10-04 10:27

- 1295723 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2654.0
2011-10-04 10:27 - 2011-10-04 10:27

- 0733257 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2654.JPG
2011-10-04 10:30 - 2011-10-04 10:30

- 1290307 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2655.0
2011-10-04 10:30 - 2011-10-04 10:30

- 0377537 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2655.JPG
2011-10-04 10:33 - 2011-10-04 10:33

- 1311450 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2658.JPG
2011-10-29 11:52 - 2011-10-29 11:52

- 1274442 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2812.0
2011-10-29 11:52 - 2011-10-29 11:52

- 0623965 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2812.JPG
2011-10-31 20:11 - 2011-10-31 20:11

- 1326983 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2817.JPG
2011-10-31 20:12 - 2011-10-31 20:12

- 1275600 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2819.JPG
2011-12-01 12:04 - 2011-12-01 12:04

- 1307556 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2829.0
2011-12-01 12:04 - 2011-12-01 12:04

- 0534391 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2829.JPG
2011-12-07 14:08 - 2011-12-07 14:08

- 1342024 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2837.0
2011-12-07 14:08 - 2011-12-07 14:08

- 0568931 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2837.JPG
2011-12-06 10:04 - 2011-12-06 10:04

- 1297713 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2843.0
2011-12-06 10:04 - 2011-12-06 10:04

- 0603624 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2843.JPG
2011-12-06 10:06 - 2011-12-06 10:06

- 1279630 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2845.0
2011-12-06 10:06 - 2011-12-06 10:06

- 0592591 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2845.JPG
2011-12-12 01:27 - 2011-12-12 01:27

- 1285879 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2945.JPG
2011-12-21 21:58 - 2011-12-21 21:58

- 1267066 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2964.JPG
2011-12-24 23:13 - 2011-12-24 23:13

- 1274787 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2968.JPG
2012-01-05 16:19 - 2012-01-05 16:19

- 1278695 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2969.JPG
2011-04-13 10:47 - 2011-04-13 10:47

- 0119017 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpEPSON002.0
2011-04-13 10:47 - 2011-04-13 10:47

- 0141870 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpEPSON002.JPG
2011-04-14 18:15 - 2011-04-14 18:15

- 0208217 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpEPSON003[1].JPG
2011-03-11 18:43 - 2011-03-11 18:43

- 0947202 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpEXPO_004[1].JPG
2011-10-26 10:51 - 2011-10-26 10:51

- 0178994 _____ () C:\Users

\Sinnfamily\AppData\Local\tmpGRAVE

MARKER.0
2011-10-26 10:51 - 2011-10-26 10:51

- 0181324 _____ () C:\Users

\Sinnfamily\AppData\Local\tmpGRAVE

MARKER.1
2011-10-26 10:51 - 2011-10-26 10:51

- 0181741 _____ () C:\Users

\Sinnfamily\AppData\Local\tmpGRAVE

MARKER.JPG
2012-12-20 23:24 - 2012-12-20 23:24

- 0057715 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpHAPPYTAILS.JPG
2012-09-25 23:18 - 2012-09-25 23:18

- 2490355 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpHARVEY.JPG
2012-09-25 23:16 - 2012-09-25 23:16

- 0021924 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpHARVEYJ-2.0
2012-09-25 23:16 - 2012-09-25 23:16

- 0016735 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpHARVEYJ-2.JPG
2013-07-22 22:56 - 2013-07-22 22:56

- 0757371 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpHIBBING CABIN MAP030.0
2013-07-22 22:56 - 2013-07-22 22:56

- 1097356 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpHIBBING CABIN MAP030.1
2013-07-22 22:56 - 2013-07-22 22:56

- 1118480 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpHIBBING CABIN MAP030.JPG
2011-09-20 11:04 - 2011-09-20 11:04

- 0013259 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpHOWLOWEEN2006.JPG
2011-06-03 12:10 - 2011-06-03 12:10

- 5016602 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpIMG_8563.0
2011-06-03 12:10 - 2011-06-03 12:10

- 1152240 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpIMG_8563.JPG
2011-06-03 12:11 - 2011-06-03 12:11

- 4223711 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpIMG_8589.0
2011-06-03 12:11 - 2011-06-03 12:11

- 0861439 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpIMG_8589.JPG
2011-06-03 12:19 - 2011-06-03 12:19

- 4716362 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpIMG_9086.0
2011-06-03 12:19 - 2011-06-03 12:19

- 1043970 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpIMG_9086.JPG
2011-01-01 19:05 - 2011-01-01 19:05

- 1166454 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpJESSICA,JESSE, JD5.JPG
2011-01-01 19:06 - 2011-01-01 19:06

- 0012015 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpJESSICA,JESSE, JD5_CROP.0
2011-01-01 19:06 - 2011-01-01 19:06

- 0012013 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpJESSICA,JESSE, JD5_CROP.JPG
2012-12-22 22:46 - 2012-12-22 22:46

- 1395219 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpJOHNBUSH2.JPG
2010-06-14 19:28 - 2010-06-14 19:28

- 3366613 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpLOOKING+AT+YOU[1].0
2010-06-14 19:28 - 2010-06-14 19:28

- 0697527 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpLOOKING+AT+YOU[1].JPG
2010-02-03 20:14 - 2011-08-23 09:25

- 0011382 _____ () C:\Users

\Sinnfamily\AppData\Local\tmpME

AND TEUFEL.JPG
2010-05-29 22:01 - 2010-05-29 22:01

- 2076087 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpOUR_GIRL_MORGAN_MAY_2010

[1].0
2010-05-29 22:01 - 2010-05-29 22:01

- 0992653 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpOUR_GIRL_MORGAN_MAY_2010

[1].1
2010-05-29 22:01 - 2010-05-29 22:01

- 0982699 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpOUR_GIRL_MORGAN_MAY_2010

[1].2
2010-05-29 22:01 - 2010-05-29 22:01

- 1018182 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpOUR_GIRL_MORGAN_MAY_2010

[1].JPG
2012-08-08 12:24 - 2012-08-08 12:24

- 0222265 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpRICKSBASSETS07162012.JPG
2010-12-07 10:25 - 2010-12-07 10:25

- 2792446 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpSAM_0041[1].JPG
2010-12-07 10:27 - 2010-12-07 10:27

- 2724806 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpSAM_0042[1].JPG
2010-12-07 10:28 - 2010-12-07 10:28

- 2779611 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpSAM_0043[1].JPG
2013-02-21 23:45 - 2013-02-21 23:45

- 0305120 _____ () C:\Users

\Sinnfamily\AppData\Local\tmpSIS

FLYER.JPG
2011-09-20 09:12 - 2011-09-20 09:12

- 0078677 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpSIS.JPG
2012-12-02 12:34 - 2012-12-02 12:34

- 1372344 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpTEUFEL 7.0
2012-12-02 12:34 - 2012-12-02 12:34

- 0690494 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpTEUFEL 7.JPG
2011-08-01 18:25 - 2011-08-01 18:25

- 0089772 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpTEUFEL AT BASSETFEST.JPG
2010-09-13 23:27 - 2010-09-13 23:27

- 0121804 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpTEUFEL3[1].JPG
2011-03-17 13:03 - 2011-03-17 13:03

- 0076429 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpTUEFFLES.0
2011-03-17 13:03 - 2011-03-17 13:03

- 0042211 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpTUEFFLES.1
2011-03-17 13:03 - 2011-03-17 13:03

- 0044867 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpTUEFFLES.JPG
2013-08-09 10:57 - 2013-08-09 10:57

- 0331186 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpTYKE.JPG
2012-12-22 22:50 - 2012-12-22 22:50

- 2270875 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpUNITED NATIONS COMMAND

SUPPORT GROUP.JPG
2011-09-20 09:12 - 2011-09-20 09:12

- 0115122 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpWELCOME FROM STONE

MOUNTAIN.JPG
2010-02-13 21:07 - 2010-02-13 21:07

- 0022618 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpWHITE_BUTTERFLY_SNIFFER

[1].JPG
2013-08-10 19:10 - 2013-08-10 19:10

- 0000000 _____ () C:\ProgramData

\3b203d3a29333421252a593f31_c
2014-10-19 18:23 - 2014-10-19 18:23

- 0000057 _____ () C:\ProgramData

\Ament.ini
2011-01-10 18:40 - 2011-01-10 18:40

- 0000056 ____H () C:\ProgramData

\ezsidmv.dat

Files to move or delete:
====================
C:\Users\Sinnfamily\jobq.dat


Some files in TEMP:
====================
C:\Users\Sinnfamily\AppData\Local

\Temp\DseShExt-x64.dll
C:\Users\Sinnfamily\AppData\Local

\Temp\DseShExt-x86.dll
C:\Users\Sinnfamily\AppData\Local

\Temp\SDShelEx-win32.dll
C:\Users\Sinnfamily\AppData\Local

\Temp\SDShelEx-x64.dll


Some zero byte size files/folders:
=======================

===
C:\Windows\SysWOW64\conhost.exe
C:\Windows\SysWOW64\csrss.exe
C:\Windows\SysWOW64\dwm.exe
C:\Windows\SysWOW64\lsass.exe
C:\Windows\SysWOW64\lsm.exe
C:\Windows\SysWOW64\nvvsvc.exe
C:\Windows\SysWOW64\services.exe
C:\Windows\SysWOW64\smss.exe
C:\Windows\SysWOW64\spoolsv.exe
C:\Windows\SysWOW64\taskhost.exe
C:\Windows\SysWOW64\winlogon.exe
C:\Windows

\SysWOW64\WUDFHost.exe
C:\Windows\System32\nvd3dum.dll
C:\Windows\System32\nvwgf2um.dll

====================

Bamital & volsnap Check

=================

(There is no automatic fix for files that

do not pass verification.)

C:\Windows\System32\winlogon.exe

=> File is digitally signed
C:\Windows\System32\wininit.exe =>

File is digitally signed
C:\Windows\SysWOW64\wininit.exe

=> File is digitally signed
C:\Windows\explorer.exe => File is

digitally signed
C:\Windows\SysWOW64\explorer.exe

=> File is digitally signed
C:\Windows\System32\svchost.exe

=> File is digitally signed
C:\Windows\SysWOW64\svchost.exe

=> File is digitally signed
C:\Windows\System32\services.exe

=> File is digitally signed
C:\Windows\System32\User32.dll =>

File is digitally signed
C:\Windows\SysWOW64\User32.dll

=> File is digitally signed
C:\Windows\System32\userinit.exe

=> File is digitally signed
C:\Windows\SysWOW64\userinit.exe

=> File is digitally signed
C:\Windows\System32\rpcss.dll =>

File is digitally signed
C:\Windows\System32\Drivers

\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-20 22:12

==================== End

of log

Additional scan result of Farbar

Recovery Scan Tool (x64) Version: 21

-05-2015
Ran by Sinnfamily at 2015-05-22

16:13:39
Running from C:\Users\Sinnfamily

\Downloads
Boot Mode: Normal
=======================

=======================

============


====================

Accounts:

=======================

======

Administrator (S-1-5-21-2643768202-

156854014-2583388340-500 -

Administrator - Disabled)
Guest (S-1-5-21-2643768202-

156854014-2583388340-501 - Limited

- Disabled)
HomeGroupUser$ (S-1-5-21-

2643768202-156854014-2583388340

-1002 - Limited - Enabled)
Sinnfamily (S-1-5-21-2643768202-

156854014-2583388340-1001 -

Administrator - Enabled) => C:\Users

\Sinnfamily

====================

Security Center

=======================

=

(If an entry is included in the fixlist, it

will be removed.)

AV: avast! Antivirus (Enabled - Up to

date) {17AD7D40-BA12-9C46-7131-

94903A54AD8B}
AV: AVG Internet Security 2015

(Disabled - Up to date) {4D41356F-

32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up

to date) {D68DDC3A-831F-4fae-9E44

-DA132C1ACF46}
AS: AVG Internet Security 2015

(Disabled - Up to date) {F620D48B-

1497-73CC-F290-58052563BEAE}
AS: avast! Antivirus (Enabled - Up to

date) {ACCC9CA4-9C28-93C8-4B81-

AFE241D3E736}

====================

Installed Programs

======================

(Only the adware programs with

"hidden" flag could be added to the

fixlist to unhide them. The adware

programs should be uninstalled

manually.)

Acrobat.com (HKLM-x32\...

\com.adobe.mauby.4875E02D9FB21E

E389F73B8D1702B320485DF8CE.1)

(Version: 2.3.0.0 - Adobe Systems

Incorporated)
Acrobat.com (x32 Version: 2.3.0 -

Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR)

(Version: 1.5.3.9120 - Adobe Systems

Inc.)
Adobe Flash Player 17 ActiveX

(HKLM-x32\...\Adobe Flash Player

ActiveX) (Version: 17.0.0.169 - Adobe

Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-

x32\...\Adobe Flash Player NPAPI)

(Version: 17.0.0.169 - Adobe Systems

Incorporated)
Adobe Reader XI (11.0.10) (HKLM-

x32\...\{AC76BA86-7AD7-1033-7B44-

AB0000000001}) (Version: 11.0.10 -

Adobe Systems Incorporated)
Adobe Shockwave Player 12.0

(HKLM-x32\...\Adobe Shockwave

Player) (Version: 12.0.2.122 - Adobe

Systems, Inc.)
Apple Application Support (HKLM-

x32\...\{46F044A5-CE8B-4196-984E-

5BD6525E361D}) (Version: 2.3.6 -

Apple Inc.)
Apple Software Update (HKLM-x32\...

\{789A5B64-9DD9-4BA5-915A-

F0FC0A1B7BFE}) (Version: 2.1.3.127 -

Apple Inc.)
Avast Free Antivirus (HKLM-x32\...

\Avast) (Version: 10.2.2218 - AVAST

Software)
AVG 2015 (Version: 15.0.5941 - AVG

Technologies) Hidden
Compatibility Pack for the 2007 Office

system (HKLM-x32\...\{90120000-

0020-0409-0000-0000000FF1CE})

(Version: 12.0.6612.1000 - Microsoft

Corporation)
Coupon Printer for Windows (HKLM-

x32\...\Coupon Printer for

Windows5.0.0.4) (Version: 5.0.0.4 -

Coupons.com Incorporated)
CyberLink DVD Suite Deluxe (HKLM-

x32\...\InstallShield_{1FBF6C24-

C1FD-4101-A42B-0C564F9E8E79})

(Version: 6.0.3101 - CyberLink Corp.)
DirectX for Managed Code Update

(Summer 2004) (x32 Version:

9.02.2904 - Microsoft) Hidden
Family Tree Maker 2011 (HKLM-

x32\...\Family Tree Maker 2011)

(Version: 20.0.379 - Ancestry.com)
Family Tree Maker 2011 (x32 Version:

20.0.379 - Ancestry.com) Hidden
FamilySearch Indexing 3.10.5

(HKLM-x32\...\0591-8077-9297-0833)

(Version: 3.10.5 - FamilySearch)
FamilySearch Linking 1.1.0 (HKLM-

x32\...\0591-8077-9297-0833-1)

(Version: 1.1.0 - FamilySearch)
FUJIFILM MyFinePix Studio 2.0

(HKLM-x32\...\FinePix Genie_is1)

(Version: - )
Google Chrome (HKLM-x32\...\Google

Chrome) (Version: 43.0.2357.65 -

Google Inc.)
Google Talk Plugin (HKLM-x32\...

\{CA3DD97D-1FD7-37A7-BD5C-

FC4430C8B8E6}) (Version: 5.41.2.0 -

Google)
Google Update Helper (x32 Version:

1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version:

1.3.27.5 - Google Inc.) Hidden
Hardware Diagnostic Tools (HKLM\...

\PC-Doctor for Windows) (Version:

6.0.5434.08 - PC-Doctor, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3

(x32 Version: 1.00.0000 - Hewlett-

Packard Company) Hidden
Homepage Protection (HKLM-x32\...

\Homepage Protection) (Version: -

AOL Products)
HP Advisor (HKLM-x32\...

\{40FB8D7C-6FF8-4AF2-BC8B-

0B1DB32AF04B}) (Version:

3.3.12286.3436 - Hewlett-Packard)
HP ENVY 4500 series Basic Device

Software (HKLM\...\{38A08516-1847-

43E4-8076-9540B60EC43B}) (Version:

32.2.188.47710 - Hewlett-Packard

Co.)
HP ENVY 4500 series Help (HKLM-

x32\...\{95BECC50-22B4-4FCA-8A2E-

BF77713E6D3A}) (Version: 30.0.0 -

Hewlett Packard)
HP Games (HKLM-x32\...\WildTangent

hp Master Uninstall) (Version: 1.0.0.71

- WildTangent)
HP MediaSmart Demo (HKLM-x32\...

\{9DEF9686-CCB2-47B7-BF83-

B49EA21FA016}) (Version: 1.00.0000

- Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...

\InstallShield_{DCCAD079-F92C-

44DA-B258-624FC6517A5A}) (Version:

3.0.3420 - Hewlett-Packard)
HP MediaSmart Movie Themes

(HKLM-x32\...\InstallShield_

{3023EBDA-BF1B-4831-B347-

E5018555F26E}) (Version: 3.0.3102 -

Hewlett-Packard)
HP MediaSmart Music/Photo/Video

(HKLM-x32\...\InstallShield_

{B2EE25B9-5B00-4ACF-94F0-

92433C28C39E}) (Version: 3.1.3601 -

Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...

\{26280024-DFB7-4967-90DB-

7F9C6660D01E}) (Version: 3.0.28.2 -

Hewlett-Packard)
HP Odometer (HKLM-x32\...

\{B8AC1A89-FFD1-4F97-8051-

E505A160F562}) (Version: 2.10.0000 -

Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP

Photo Creations) (Version:

1.0.0.16432 - HP)
HP Product Detection (HKLM-x32\...

\{A436F67F-687E-4736-BD2B-

537121A804CF}) (Version: 11.14.0001

- HP)
HP Remote Solution (HKLM-x32\...\HP

Remote Solution) (Version: 1.1.9.0 -

TopSeed)
HP Setup (HKLM-x32\...\{F3B912F5-

EB57-45AA-B3D1-EB532BCF6EF8})

(Version: 1.2.3220.3079 - Hewlett-

Packard)
HP Support Information (HKLM-

x32\...\{B9A03B7B-E0FF-4FB3-BA83-

762E58A1B0AA}) (Version: 10.1.0002

- Hewlett-Packard)
HP Support Solutions Framework

(HKLM-x32\...\{44157EB3-D8D0-

4BB1-B0F5-AD2C38814ED1})

(Version: 11.51.0027 - Hewlett-

Packard Company)
HP Update (HKLM-x32\...

\{912D30CF-F39E-4B31-AD9A-

123C6B794EE2}) (Version:

5.005.002.002 - Hewlett-Packard)
Java 8 Update 45 (HKLM-x32\...

\{26A24AE4-039D-4CA4-87B4-

2F83218045F0}) (Version: 8.0.450 -

Oracle Corporation)
LabelPrint (HKLM-x32\...

\InstallShield_{C59C179C-668D-49A9

-B6EA-0121CCFC1243}) (Version:

2.5.1901 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.1901 -

CyberLink Corp.) Hidden
LightScribe System Software (HKLM-

x32\...\{DD6C316A-FE75-4FBB-9D22-

4C1920232B72}) (Version: 1.18.5.1 -

LightScribe)
Malwarebytes Anti-Malware version

2.1.6.1022 (HKLM-x32\...

\Malwarebytes Anti-Malware_is1)

(Version: 2.1.6.1022 - Malwarebytes

Corporation)
Microsoft .NET Framework 4.5.2

(HKLM\...\{92FB6C44-E685-45AD-

9B20-CADF4CABA132} - 1033)

(Version: 4.5.51209 - Microsoft

Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...

\Microsoft IntelliPoint 8.2) (Version:

8.20.468.0 - Microsoft Corporation)
Microsoft Office Home and Student 60

day trial (HKLM\...\OfficeTrial)

(Version: - )
Microsoft Office PowerPoint Viewer

2007 (English) (HKLM-x32\...

\{95120000-00AF-0409-0000-

0000000FF1CE}) (Version:

12.0.6612.1000 - Microsoft

Corporation)
Microsoft Primary Interoperability

Assemblies 2005 (HKLM-x32\...

\{D24DB8B9-BB6C-4334-9619-

BA1C650E13D3}) (Version:

8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...

\{89F4137D-6C26-4A84-BDB8-

2E5A4BB71E00}) (Version:

5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL

Update kb973923 - x64

8.0.50727.4053 (HKLM\...

\{B6E3757B-5E77-3915-866A-

CCFC4B8D194C}) (Version:

8.0.50727.4053 - Microsoft

Corporation)
Microsoft Visual C++ 2005 ATL

Update kb973923 - x86

8.0.50727.4053 (HKLM-x32\...

\{770657D0-A123-3C07-8E44-

1C83EC895118}) (Version:

8.0.50727.4053 - Microsoft

Corporation)
Microsoft Visual C++ 2005

Redistributable (HKLM-x32\...

\{710f4c1c-cc18-4c49-8cbf-

51240c89a1a2}) (Version: 8.0.61001 -

Microsoft Corporation)
Microsoft Visual C++ 2005

Redistributable (x64) - KB2467175

(HKLM\...\{aac9fcc4-dd9e-4add-

901c-b5496a07ab2e}) (Version:

8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005

Redistributable (x64) (HKLM\...

\{071c9b48-7c32-4621-a0ac-

3f809523288f}) (Version: 8.0.56336 -

Microsoft Corporation)
Microsoft Visual C++ 2005

Redistributable (x64) (HKLM\...

\{ad8a2fa1-06e7-4b0d-927d-

6e54b3d31028}) (Version: 8.0.61000 -

Microsoft Corporation)
Microsoft Visual C++ 2008 ATL

Update kb973924 - x64

9.0.30729.4148 (HKLM\...

\{EE936C7A-EA40-31D5-9B65-

8E3E089C3828}) (Version:

9.0.30729.4148 - Microsoft

Corporation)
Microsoft Visual C++ 2008 ATL

Update kb973924 - x86

9.0.30729.4148 (HKLM-x32\...

\{002D9D5E-29BA-3E6D-9BC4-

3D7D6DBC735C}) (Version:

9.0.30729.4148 - Microsoft

Corporation)
Microsoft Visual C++ 2008

Redistributable - KB2467174 - x64

9.0.30729.5570 (HKLM\...

\{8338783A-0968-3B85-AFC7-

BAAE0A63DC50}) (Version:

9.0.30729.5570 - Microsoft

Corporation)
Microsoft Visual C++ 2008

Redistributable - KB2467174 - x86

9.0.30729.5570 (HKLM-x32\...

\{86CE85E6-DBAC-3FFD-B977-

E4B79F83C909}) (Version:

9.0.30729.5570 - Microsoft

Corporation)
Microsoft Visual C++ 2008

Redistributable - x64 9.0.21022

(HKLM\...\{350AA351-21FA-3270-

8B7A-835434E766AD}) (Version:

9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008

Redistributable - x64 9.0.30729.17

(HKLM\...\{8220EEFE-38CD-377E-

8595-13398D740ACE}) (Version:

9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008

Redistributable - x64 9.0.30729.6161

(HKLM\...\{5FCE6D76-F5DC-37AB-

B2B8-22AB8CEDB1D4}) (Version:

9.0.30729.6161 - Microsoft

Corporation)
Microsoft Visual C++ 2008

Redistributable - x86 9.0.21022

(HKLM-x32\...\{FF66E9F6-83E7-

3A3E-AF14-8DE9A809A6A4})

(Version: 9.0.21022 - Microsoft

Corporation)
Microsoft Visual C++ 2008

Redistributable - x86 9.0.21022.218

(HKLM-x32\...\{E503B4BF-F7BB-

3D5F-8BC8-F694B1CFF942}) (Version:

9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008

Redistributable - x86 9.0.30729.17

(HKLM-x32\...\{9A25302D-30C0-39D9

-BD6F-21E6EC160475}) (Version:

9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008

Redistributable - x86 9.0.30729.4148

(HKLM-x32\...\{1F1C2DFC-2D24-3E06

-BCB8-725134ADF989}) (Version:

9.0.30729.4148 - Microsoft

Corporation)
Microsoft Visual C++ 2008

Redistributable - x86 9.0.30729.6161

(HKLM-x32\...\{9BE518E6-ECC6-35A9

-88E4-87755C07200F}) (Version:

9.0.30729.6161 - Microsoft

Corporation)
Microsoft Visual C++ 2010 x86

Redistributable - 10.0.40219 (HKLM-

x32\...\{F0C3E5D1-1ADE-321E-8167-

68EF0DE699A5}) (Version: 10.0.40219

- Microsoft Corporation)
Microsoft Works (HKLM-x32\...

\{15BC8CD0-A65B-47D0-A2DD-

90A824590FA8}) (Version: 9.7.0621 -

Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-

x32\...\{E3E71D07-CD27-46CB-8448-

16D4FB29AA13}) (Version: 3.0.5305.0

- Microsoft Corp.)
Mozilla Firefox 38.0.1 (x86 en-US)

(HKLM-x32\...\Mozilla Firefox 38.0.1

(x86 en-US)) (Version: 38.0.1 -

Mozilla)
Mozilla Maintenance Service (HKLM-

x32\...\MozillaMaintenanceService)

(Version: 37.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-

x32\...\{86493ADD-824D-4B8E-BD72

-8C5DCDC52A71}) (Version:

4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-

x32\...\{F662A8E6-F4DC-41A2-901E-

8C11F044BDEC}) (Version:

4.20.9876.0 - Microsoft Corporation)
MyHeritage Family Tree Builder

(HKLM-x32\...\Family Tree Builder)

(Version: 7.0.0.7128 -

MyHeritage.com)
NVIDIA Drivers (HKLM\...\NVIDIA

Drivers) (Version: 1.5 - NVIDIA

Corporation)
OpenOffice 4.1.0 (HKLM-x32\...

\{C87EF11D-36E9-479D-9898-

7541EA1E8A6A}) (Version: 4.10.9764

- Apache Software Foundation)
PictureMover (HKLM-x32\...

\{1896E712-2B3D-45eb-BCE9-

542742A51032}) (Version: 3.3.1.19 -

Hewlett-Packard Company)
Power2Go (HKLM-x32\...

\InstallShield_{40BF1E83-20EB-11D8

-97C5-0009C5020658}) (Version:

6.0.3101 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3101 -

CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...

\InstallShield_{CB099890-1D5F-11D5

-9EA9-0050BAE317E1}) (Version:

7.0.3101 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3101

- CyberLink Corp.) Hidden
PowerRecover (x32 Version: 5.5.1923

- CyberLink Corp.) Hidden
Product Improvement Study for HP

ENVY 4500 series (HKLM\...

\{3A5F6684-5FD8-4660-A4DA-

BF60A20FCCFC}) (Version:

32.2.188.47710 - Hewlett-Packard

Co.)
QuickTime 7 (HKLM-x32\...

\{3D2CBC2C-65D4-4463-87AB-

BB2C859C1F3E}) (Version: 7.76.80.95

- Apple Inc.)
RAF (HKLM-x32\...\{E6B43401-E818-

4961-AFED-118DD8E87642})

(Version: 1.00.0001 - FUJIFILM

Corporation)
RealDownloader (x32 Version: 1.3.3 -

RealNetworks, Inc.) Hidden
Realtek High Definition Audio Driver

(HKLM-x32\...\{F132AF7F-7BCA-

4EDE-8A7C-958108FE7DBC})

(Version: 6.0.1.5882 - Realtek

Semiconductor Corp.)
Skype Toolbars (HKLM-x32\...

\{B6CF2967-C81E-40C0-9815-

C05774FEF120}) (Version: 5.3.7555 -

Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-

x32\...\{B4092C6D-E886-4CB2-BA68-

FE5A88D31DE6}_is1) (Version: 1.6.2 -

Safer Networking Limited)
swMSM (x32 Version: 12.0.0.1 -

Adobe Systems, Inc) Hidden
Uniblue RegistryBooster (HKLM-

x32\...\{E63E34A7-E552-412B-9E40-

FD6FC5227ABA}_is1) (Version: -

Uniblue Systems Ltd)
Visual C++ 8.0 Runtime Setup

Package (x64) (HKLM-x32\...

\{2FDBBCEA-62DB-45F4-B6E5-

0E1FB2A1F29D}) (Version: 9.0.0.623 -

AVG Technologies CZ, s.r.o.)
Visual Studio 2008 x64

Redistributables (HKLM-x32\...

\{FCDBEA60-79F0-4FAE-BBA8-

55A26C609A49}) (Version: 10.0.0.2 -

AVG Technologies)
Visual Studio 2010 x64

Redistributables (HKLM\...

\{21B133D6-5979-47F0-BE1C-

F6A6B304693F}) (Version: 13.0.0.1 -

AVG Technologies)
Visual Studio 2012 x64

Redistributables (HKLM\...

\{8C775E70-A791-4DA8-BCC3-

6AB7136F4484}) (Version: 14.0.0.1 -

AVG Technologies)
Visual Studio 2012 x86

Redistributables (HKLM-x32\...

\{98EFF19A-30AB-4E4B-B943-

F06B1C63EBF8}) (Version: 14.0.0.1 -

AVG Technologies CZ, s.r.o.)
Windows Media Encoder 9 Series

(HKLM-x32\...\Windows Media

Encoder 9) (Version: - )
Yahoo! Software Update (HKLM-

x32\...\Yahoo! Software Update)

(Version: - )

====================

Custom CLSID (Whitelisted):

=======================

===

(If an entry is included in the fixlist, it

will be removed from the registry. The

file will not be moved unless listed

separately.)


====================

Restore Points

=======================

==

13-05-2015 03:00:38 Windows Update
19-05-2015 18:09:50 Windows Update
20-05-2015 09:37:59 Installed AVG PC

TuneUp 2015
20-05-2015 16:44:33 AVG 2015

====================

Hosts content:

=======================

========

(If needed Hosts: directive could be

included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00

- 00000824 ____A C:\Windows

\system32\Drivers\etc\hosts

====================

Scheduled Tasks (Whitelisted)

=============

(If an entry is included in the fixlist, it

will be removed from the registry. The

file will not be moved unless listed

separately.)

Task: {00DE05F7-C4C2-4461-B40C-

0CA9AEAFB3D7} - System32\Tasks

\DVDAgent => c:\Program Files

(x86)\Hewlett-Packard\Media\DVD

\DVDAgent.exe [2009-10-20]

(CyberLink Corp.)
Task: {048B52EB-3E7E-4737-81C5-

ACC489A6E904} - System32\Tasks

\Microsoft_Hardware_Launch_IPoint_

exe => c:\Program Files\Microsoft

IntelliPoint\IPoint.exe [2011-08-01]

(Microsoft Corporation)
Task: {0D301EBB-5114-4655-8904-

9DE15036F3C8} - System32\Tasks

\Hewlett-Packard\HP Support

Assistant

\WarrantyChecker_DeviceScan => C:

\Program Files (x86)\Hewlett-Packard

\HP Support Framework\Resources

\HPWarrantyCheck

\HPWarrantyChecker.exe [2015-04-

14] (Hewlett-Packard)
Task: {17B83FB2-BD08-4668-BBA5-

1E0D76ADCB97} - System32\Tasks

\Microsoft\Windows\Setup\gwx

\launchtrayprocess => C:\Windows

\system32\GWX\GWX.exe [2015-05-

07] (Microsoft Corporation)
Task: {2B1C0F13-4C81-4717-B976-

9DE922CB21F4} - System32\Tasks

\Apple\AppleSoftwareUpdate => C:

\Program Files (x86)\Apple Software

Update\SoftwareUpdate.exe [2011-

06-01] (Apple Inc.)
Task: {36D38275-813C-4788-B1AB-

3779C3F2F598} - System32\Tasks

\GoogleUpdateTaskMachineUA => C:

\Program Files (x86)\Google\Update

\GoogleUpdate.exe [2014-10-18]

(Google Inc.)
Task: {5B105DDE-C5D1-42E9-A71A-

B1D20E9FCB26} - System32\Tasks

\FreeFileViewerUpdateChecker => C:

\Program Files (x86)\FreeFileViewer

\FFVCheckForUpdates.exe <====

ATTENTION
Task: {6267E7E9-9D6A-41CA-A45C-

EC8E2D68322B} - System32\Tasks

\GoogleUpdateTaskUserS-1-5-21-

2643768202-156854014-2583388340

-1001Core => C:\Users\Sinnfamily

\AppData\Local\Google\Update

\GoogleUpdate.exe [2014-10-22]

(Google Inc.)
Task: {6ACE0257-90C2-433B-9293-

A8913B336AFB} - System32\Tasks

\RealUpgradeScheduledTaskS-1-5-21

-2643768202-156854014-2583388340

-1001 => C:\Program Files

(x86)\Real\RealUpgrade

\RealUpgrade.exe
Task: {6E4E334F-75C0-46E8-81FE-

2243052EC701} - System32\Tasks

\PCDRScheduledMaintenance => C:

\Program Files\PC-Doctor for

Windows\pcdr5cuiw32.exe [2009-07-

02] (PC-Doctor, Inc.)
Task: {726F081B-293C-4B46-8725-

F09B51D31EC8} - \ProgramRefresh-

ATFST No Task File <====

ATTENTION
Task: {72B810CC-FF0E-4D5E-A275-

971FD7D12A79} - System32\Tasks

\Hewlett-Packard\HP Support

Assistant\HP Support Assistant Quick

Start => C:\Program Files

(x86)\Hewlett-Packard\HP Support

Framework\HPSF.exe [2013-11-04]

(Hewlett-Packard Company)
Task: {7B4207E6-F2CF-45C3-BE5B-

742E3CAC74BD} - System32\Tasks

\Adobe Flash Player Updater => C:

\Windows\SysWOW64\Macromed

\Flash\FlashPlayerUpdateService.exe

[2015-04-15] (Adobe Systems

Incorporated)
Task: {8D9E64D7-9597-4BFE-BFFB-

66505B2C918F} - System32\Tasks\HP

Photo Creations Communicator =>

C:\ProgramData\HP Photo Creations

\Communicator.exe [2014-12-31] ()
Task: {917BB944-4725-4B52-A174-

A2ABC541FCF6} - System32\Tasks

\GoogleUpdateTaskMachineCore =>

C:\Program Files (x86)\Google

\Update\GoogleUpdate.exe [2014-10

-18] (Google Inc.)
Task: {922ECA91-B0D0-4F5E-9E67-

09CAA18910A8} - System32\Tasks

\{95EEF560-9095-4226-A149-

6BC6A070B950} => C:\Program Files

(x86)\iWin Games\iWinGames.exe
Task: {92F47BF9-5F86-45CD-8F3F-

64C84078CC81} - System32\Tasks

\Microsoft\Windows\Setup\gwx

\refreshgwxconfig => C:\Windows

\system32\GWX

\GWXConfigManager.exe [2015-05-

07] (Microsoft Corporation)
Task: {98B4F376-E5F1-4AB0-91B1-

0ABE576B94B1} - System32\Tasks

\Google Update => C:\Users

\Sinnfamily\AppData\Local\Google

\Update\GoogleUpdate.exe [2014-10

-22] (Google Inc.)
Task: {9C41A200-A3BC-4255-A88B-

9B094C22A07A} - System32\Tasks

\Adobe Reader and Acrobat Manager

=> C:\Program Files (x86)\Common

Files\Adobe\ARM\1.0\AdobeARM.exe

[2014-11-20] (Adobe Systems

Incorporated)
Task: {9EB87832-63D6-47B0-AA08-

D15DEE543D72} - System32\Tasks

\RealUpgradeLogonTaskS-1-5-21-

2643768202-156854014-2583388340

-1001 => C:\Program Files

(x86)\Real\RealUpgrade

\RealUpgrade.exe
Task: {A44BA7CF-38BA-4AD1-B970-

82B6530D3FC7} - System32\Tasks

\Hewlett-Packard\HP Support

Assistant

\WarrantyChecker_CN47T1507X =>

C:\Program Files (x86)\Hewlett-

Packard\HP Support Framework

\Resources\HPWarrantyCheck

\HPWarrantyChecker.exe [2015-04-

14] (Hewlett-Packard)
Task: {B3D5A209-57D7-42F6-B758-

196D312C9C98} - System32\Tasks

\Microsoft_Hardware_Launch_rundll3

2_exe => Rundll32.exe

url.dll,OpenURL

http://go.microsoft.com/fwlink/?

LinkId=116866
Task: {C0096E98-F13A-47F0-8A91-

66B0763601AF} - System32\Tasks

\HPCeeScheduleForSinnfamily => C:

\Program Files (x86)\Hewlett-Packard

\HP Ceement\HPCEE.exe [2011-07-

15] (Hewlett-Packard)
Task: {C8FF2829-6472-46F5-9C86-

D0D000FA13BC} - System32\Tasks

\Hewlett-Packard\HP Support

Assistant\PC Health Analysis => C:

\Program Files (x86)\Hewlett-Packard

\HP Support Framework\HPSF.exe

[2013-11-04] (Hewlett-Packard

Company)
Task: {D273146D-2A8C-4339-9A6C-

9BBB18BDE05C} - System32\Tasks

\RunAsStdUser Task => C:\Program

Files (x86)\iWin Games

\iWinGames.exe
Task: {D5082955-084C-42C7-A1B3-

92418DAF3313} - System32\Tasks

\Hewlett-Packard\HP Support

Assistant\PC Tuneup => C:\Program

Files (x86)\Hewlett-Packard\HP

Support Framework\HPSF.exe [2013-

11-04] (Hewlett-Packard Company)
Task: {DB23E848-922E-43C5-B7F1-

B5FA7DADE589} -

\ProgramUpdateCheck No Task File

<==== ATTENTION
Task: {DCA7AA00-2695-42E5-8448-

76A39D4A6B9E} - System32\Tasks

\CLMLSvc => c:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\Kernel\CLML\CLMLSvc.exe

[2009-12-01] (CyberLink)
Task: {E853C7A8-D1A1-4AF6-A451-

747EB0D00AC1} - System32\Tasks

\GoogleUpdateTaskUserS-1-5-21-

2643768202-156854014-2583388340

-1001UA => C:\Users\Sinnfamily

\AppData\Local\Google\Update

\GoogleUpdate.exe [2014-10-22]

(Google Inc.)
Task: {EBD141B3-63E0-4A72-8E9C-

DF3AB841FB16} - System32\Tasks

\{47742B60-D7A2-424D-8371-

21724FCD2E7C} => C:\Program Files

(x86)\Skype\\Phone\Skype.exe
Task: {EDBB4BBF-2315-401E-BD70-

20E9ACAB5586} - System32\Tasks

\Java Update Scheduler => C:

\Program Files (x86)\Common Files

\Java\Java Update\jusched.exe [2015

-04-10] (Oracle Corporation)
Task: {F8D7255A-057C-4D5B-B371-

5DEDDE35203D} - System32\Tasks

\Hewlett-Packard\HP Support

Assistant\Update Check => C:

\ProgramData\Hewlett-Packard\HP

Support Framework\Resources

\Updater7\HPSFUpdater.exe [2014-

05-12] (Hewlett-Packard Company)
Task: {FA4F0B45-642B-4CEA-BAD2-

2808F9D8A5D9} - System32\Tasks\HP

online update program => c:

\Program Files (x86)\HP\HP Software

Update\HPWuSchd2.exe [2013-05-30]

(Hewlett-Packard)
Task: {FD855F12-7FA9-431D-8FD0-

621F646AB67E} - System32\Tasks

\HPCustParticipation HP ENVY 4500

series => C:\Program Files\HP\HP

ENVY 4500 series\Bin

\HPCustPartic.exe [2014-03-06]

(Hewlett-Packard Co.)
Task: {FDB407C0-6848-489E-9081-

B52D1DB72EC6} - System32\Tasks

\ROC_REG_JAN_DELETE => C:

\ProgramData\AVG January 2013

Campaign\ROC.exe [2013-01-17] ()
Task: C:\Windows\Tasks\Adobe Flash

Player Updater.job => C:\Windows

\SysWOW64\Macromed\Flash

\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks

\FreeFileViewerUpdateChecker.job

=> C:\Program Files

(x86)\FreeFileViewer

\FFVCheckForUpdates.exe <====

ATTENTION
Task: C:\Windows\Tasks

\GoogleUpdateTaskMachineCore.job

=> C:\Program Files (x86)\Google

\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks

\GoogleUpdateTaskMachineUA.job

=> C:\Program Files (x86)\Google

\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks

\GoogleUpdateTaskUserS-1-5-21-

2643768202-156854014-2583388340

-1001Core.job => C:\Users

\Sinnfamily\AppData\Local\Google

\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks

\GoogleUpdateTaskUserS-1-5-21-

2643768202-156854014-2583388340

-1001UA.job => C:\Users\Sinnfamily

\AppData\Local\Google\Update

\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo

Creations Communicator.job => C:

\ProgramData\HP Photo Creations

\Communicator.exe
Task: C:\Windows\Tasks

\HPCeeScheduleForSinnfamily.job =>

C:\Program Files (x86)\Hewlett-

Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks

\PCDRScheduledMaintenance.job =>

C:\Program Files\PC-Doctor for

Windows\pcdr5cuiw32.exe5-fh

scripts\monthly.xml
Task: C:\Windows\Tasks

\ROC_REG_JAN_DELETE.job => C:

\ProgramData\AVG January 2013

Campaign\ROC.exe

====================

Loaded Modules (Whitelisted)

==============

2013-08-14 15:19 - 2013-08-14 15:19

- 00039056 _____ () C:\Program Files

(x86)\RealNetworks\RealDownloader

\rndlresolversvc.exe
2015-05-20 18:26 - 2015-05-20 18:26

- 00104400 _____ () C:\Program Files

\AVAST Software\Avast\log.dll
2015-05-20 18:26 - 2015-05-20 18:26

- 00081728 _____ () C:\Program Files

\AVAST Software\Avast

\JsonRpcServer.dll
2015-05-22 15:35 - 2015-05-22 15:35

- 02931200 _____ () C:\Program Files

\AVAST Software\Avast\defs

\15052201\algo.dll
2015-05-20 18:26 - 2015-05-20 18:26

- 40540672 _____ () C:\Program Files

\AVAST Software\Avast\libcef.dll

====================

Alternate Data Streams (Whitelisted)

=========

(If an entry is included in the fixlist,

only the ADS will be removed.)

AlternateDataStreams: C:

\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:

\ProgramData\Temp:373E1720
AlternateDataStreams: C:

\ProgramData\Temp:4A74A9A7
AlternateDataStreams: C:

\ProgramData\Temp:6611AB82
AlternateDataStreams: C:

\ProgramData\Temp:972E051C

==================== Safe

Mode (Whitelisted)

===================

(If an item is included in the fixlist, it

will be removed from the registry. The

"AlternateShell" will be restored.)


==================== EXE

Association (Whitelisted)

===============

(If an entry is included in the fixlist,

the registry item will be restored to

default or removed.)


====================

Internet Explorer trusted/restricted

===============

(If an entry is included in the fixlist, it

will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\skillsoft.com ->

hxxp://support.skillsoft.com
IE trusted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\usaa.com ->

hxxps://www.usaa.com

IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\007guard.com ->

install.007guard.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\032439.com ->

80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\0scan.com ->

www.0scan.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\1-2005-search.com ->

www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\1-domains-registrations.com

-> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\1000gratisproben.com ->

www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\1001namen.com ->

www.1001namen.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\100888290cs.com ->

mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\100sexlinks.com ->

www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\10sek.com ->

www.10sek.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\123fporn.info ->

www.123fporn.info
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\123haustiereundmehr.com

-> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\123moviedownload.com ->

www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\123simsen.com ->

www.123simsen.com

There are 7369 more restricted sites.

====================

Other Areas

=======================

=====

(Currently there is no automatic fix for

this section.)

HKU\S-1-5-21-2643768202-

156854014-2583388340-1001\Control

Panel\Desktop\\Wallpaper -> C:

\Users\Sinnfamily\AppData\Roaming

\Microsoft\Windows\Themes

\TranscodedWallpaper.jpg
DNS Servers: 173.225.144.10 -

173.225.144.70

====================

MSCONFIG/TASK MANAGER Error

getting ==

(Currently there is no automatic fix for

this section.)

MSCONFIG\startupfolder:

C:^ProgramData^Microsoft^Windows

^Start

Menu^Programs^Startup^PictureMov

er.lnk => C:\Windows\pss

\PictureMover.lnk.CommonStartup
MSCONFIG\startupfolder:

C:^Users^Sinnfamily^AppData^Roa

ming^Microsoft^Windows^Start

Menu^Programs^Startup^Monitor

Ink Alerts - HP ENVY 4500 series.lnk

=> C:\Windows\pss\Monitor Ink

Alerts - HP ENVY 4500

series.lnk.Startup
MSCONFIG\startupfolder:

C:^Users^Sinnfamily^AppData^Roa

ming^Microsoft^Windows^Start

Menu^Programs^Startup^OpenOffic

e.org 3.3.lnk => C:\Windows\pss

\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: APSDaemon

=> "C:\Program Files (x86)\Common

Files\Apple\Apple Application Support

\APSDaemon.exe"
MSCONFIG\startupreg:

ChristmasHolidayLaughs Search

Scope Monitor => "C:

\PROGRA~2\CHRIST~2\bar\1.bin

\4msrchmn.exe" /m=2 /w /h
MSCONFIG\startupreg: Family Tree

Builder Update => C:\Program Files

(x86)\MyHeritage\Bin

\FTBCheckUpdates.exe
MSCONFIG\startupreg: Google

Update => "C:\Users\Sinnfamily

\AppData\Local\Google\Update

\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Remote

Solution => %ProgramFiles%

\Hewlett-Packard\HP Remote

Solution\HP_Remote_Solution.exe
MSCONFIG\startupreg: HPADVISOR

=> C:\Program Files (x86)\Hewlett-

Packard\HP Advisor\HPAdvisor.exe

view=DOCKVIEW
MSCONFIG\startupreg: hpsysdrv =>

c:\program files (x86)\hewlett-

packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: IntelliPoint =>

"c:\Program Files\Microsoft

IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: NvCplDaemon

=> RUNDLL32.EXE C:\Windows

\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: SmartMenu

=> C:\Program Files\Hewlett-

Packard\HP MediaSmart

\SmartMenu.exe /background
MSCONFIG\startupreg: SpybotSD

TeaTimer => C:\Program Files

(x86)\Spybot - Search & Destroy

\TeaTimer.exe
MSCONFIG\startupreg:

UpdatePRCShortCut => "C:\Program

Files (x86)\Hewlett-Packard\Recovery

\MUITransfer\MUIStartMenu.exe" "C:

\Program Files (x86)\Hewlett-Packard

\Recovery" UpdateWithCreateOnce

"Software\CyberLink\PowerRecover"

====================

FirewallRules (Whitelisted)

===============

(If an entry is included in the fixlist, it

will be removed from the registry. The

file will not be moved unless listed

separately.)

FirewallRules: [{862AFB70-51E0-

4527-A271-8089B56E8C4F}] =>

(Allow) c:\Program Files

(x86)\CyberLink\PowerDirector

\PDR.EXE
FirewallRules: [{C18F71C2-F36F-

4625-AB27-90EEB8D1E479}] =>

(Allow) C:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\HPTouchSmartMusic.exe
FirewallRules: [{385AA1C8-3FA9-

4B3B-BD9E-7367B718C947}] =>

(Allow) C:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\HPTouchSmartPhoto.exe
FirewallRules: [{AF8F13B3-F77D-

4B1A-A975-B0E42F3F829E}] =>

(Allow) C:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\HPTouchSmartVideo.exe
FirewallRules: [{92E9E16B-95EC-

46F4-B8B4-D8B4C5855C30}] =>

(Allow) C:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\TSMAgent.exe
FirewallRules: [{FC56BC42-4EC5-

45EA-AC62-97E5A14B0D6F}] =>

(Allow) C:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{05E9270A-E3F2-

4A90-9AF9-0531E88870E4}] =>

(Allow) c:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\HPTouchSmartMusic.exe
FirewallRules: [{AC5E908D-A55B-

4F73-B15C-CFB0F6EBD26D}] =>

(Allow) c:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\HPTouchSmartPhoto.exe
FirewallRules: [{FA0AE581-0A66-

43A8-8CB7-EE5700994EE7}] =>

(Allow) c:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\HPTouchSmartVideo.exe
FirewallRules: [{2CC2996A-B44E-

4A2D-AE0C-D3C753CC0F22}] =>

(Allow) c:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\TSMAgent.exe
FirewallRules: [{ED0C4EDA-F45E-

4296-93BB-4D28D09994E2}] =>

(Allow) c:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{2E4E8EDE-C9CE-

4343-8260-A16DE0E95A03}] =>

(Allow) c:\Program Files

(x86)\Hewlett-Packard\Media\DVD

\HPDVDSmart.exe
FirewallRules: [{764617C5-1D03-

4EEB-BB6D-7672F4F38A7B}] =>

(Allow) C:\Program Files

(x86)\Common Files\Apple\Apple

Application Support

\WebKit2WebProcess.exe
FirewallRules: [TCP Query User

{994A22F0-68B9-4379-B5E1-

15A52E7F438D}C:\program files

(x86)\internet explorer\iexplore.exe]

=> (Block) C:\program files

(x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User

{6B53A456-3420-4983-B732-

CAD108778133}C:\program files

(x86)\internet explorer\iexplore.exe]

=> (Block) C:\program files

(x86)\internet explorer\iexplore.exe
FirewallRules: [{43230E3A-F961-

4F8F-8602-AB42EFBEDA78}] =>

(Allow) C:\Program Files

(x86)\Hewlett-Packard\HP Support

Framework\Resources

\HPWarrantyCheck

\HPWarrantyChecker.exe
FirewallRules: [TCP Query User

{2AEFA044-16C5-4238-B681-

8418467C5584}C:\program files

(x86)\hp\common

\hpdevicedetection3.exe] => (Allow)

C:\program files (x86)\hp\common

\hpdevicedetection3.exe
FirewallRules: [UDP Query User

{091005CC-A496-4F92-9DA6-

417FD38247FB}C:\program files

(x86)\hp\common

\hpdevicedetection3.exe] => (Allow)

C:\program files (x86)\hp\common

\hpdevicedetection3.exe
FirewallRules: [{8B135CC0-C6E0-

4069-B143-AD1F8F02841E}] =>

(Allow) C:\Program Files

(x86)\FreeFileViewer

\FFVCheckForUpdates.exe
FirewallRules: [{A4B859C2-5460-

4CB6-928D-57A5938BE20C}] =>

(Allow) C:\Program Files\HP\HP ENVY

4500 series\Bin\DeviceSetup.exe
FirewallRules: [{1DF73D99-F679-

4C80-93F8-B2A2ED120C2E}] =>

(Allow) LPort=5357
FirewallRules: [{C6EFD0B0-9F11-

4CDB-8D30-004DB350980F}] =>

(Allow) C:\Program Files\HP\HP ENVY

4500 series\Bin

\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User

{127708EF-BEB7-418B-B25C-

B54170BF40A1}C:\program files

(x86)\mozilla firefox\firefox.exe] =>

(Allow) C:\program files (x86)\mozilla

firefox\firefox.exe
FirewallRules: [UDP Query User

{C9FF2BD2-15F0-499F-9022-

0D9509EBF9D3}C:\program files

(x86)\mozilla firefox\firefox.exe] =>

(Allow) C:\program files (x86)\mozilla

firefox\firefox.exe
FirewallRules: [{D3397118-8472-

4381-AC23-FF7ED3BD3CF1}] =>

(Block) C:\program files (x86)\mozilla

firefox\firefox.exe
FirewallRules: [{82CEA311-9153-

4A12-ADE0-5A2ED5A52AA3}] =>

(Block) C:\program files (x86)\mozilla

firefox\firefox.exe
FirewallRules: [{21183FC2-B84E-

4444-8F8D-D71894E4F72E}] =>

(Allow) C:\Program Files (x86)\Mozilla

Firefox\firefox.exe
FirewallRules: [{8C049D7F-3109-

4691-935E-FDD25D6565CA}] =>

(Allow) C:\Program Files (x86)\Mozilla

Firefox\firefox.exe
FirewallRules: [{21BFE7F7-E7BC-

4CB6-89E4-12D8FBB42846}] =>

(Allow) C:\Program Files (x86)\AVG

\AVG2015\avgnsa.exe
FirewallRules: [{55C6E141-EDA0-

408D-8D7C-8C9686C535DB}] =>

(Allow) C:\Program Files (x86)\AVG

\AVG2015\avgnsa.exe
FirewallRules: [{D023B66A-0EC2-

406D-8FB7-32166B367688}] =>

(Allow) C:\Program Files (x86)\AVG

\AVG2015\avgdiagex.exe
FirewallRules: [{B38C3E4D-7DA4-

45F6-AA03-5F270DF6F79E}] =>

(Allow) C:\Program Files (x86)\AVG

\AVG2015\avgdiagex.exe
FirewallRules: [{C37D1B0D-989A-

4AB2-9D1D-B0F80D5A75B1}] =>

(Allow) C:\Program Files (x86)\AVG

\AVG2015\avgmfapx.exe
FirewallRules: [{D8FF93A6-3DE4-

40BC-947B-44A6A7A1CEE0}] =>

(Allow) C:\Program Files (x86)\AVG

\AVG2015\avgmfapx.exe
FirewallRules: [{31143E86-0CAB-

45BF-8A62-B10592C8D831}] =>

(Allow) C:\Program Files (x86)\AVG

\AVG2015\avgemca.exe
FirewallRules: [{FA2DB4C0-236C-

410E-8DB5-B7A4F3C1F6FA}] =>

(Allow) C:\Program Files (x86)\AVG

\AVG2015\avgemca.exe
FirewallRules: [{7133564D-8800-

4463-9B55-7C6DF7E54531}] =>

(Allow) C:\Program Files

(x86)\Hewlett-Packard\HP Support

Framework\Resources

\HPWarrantyCheck

\HPDeviceDetection3.exe

====================

Faulty Device Manager Devices

=============

Name: qknfd
Description: qknfd
Class Guid: {8ECC055D-047F-11D1-

A537-0000F8753ED1}
Manufacturer:
Service: qknfd
Problem: : This device is not present,

is not working properly, or does not

have all its drivers installed. (Code 24)
Resolution: The device is installed

incorrectly. The problem could be a

hardware failure, or a new driver

might be needed.
Devices stay in this state if they have

been prepared for removal.
After you remove the device, this

error disappears.Remove the device,

and this error should be resolved.


====================

Event log errors:

=======================

==

Application errors:
==================
Error: (05/22/2015 04:14:21 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 04:13:21 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 04:12:21 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 04:11:21 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 04:10:22 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 04:10:10 PM)

(Source: Microsoft-Windows-User

Profiles Service) (EventID: 1542)

(User: NT AUTHORITY)
Description: Windows cannot load

classes registry file.
DETAIL - Unspecified error

Error: (05/22/2015 04:07:43 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 04:06:43 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 04:05:43 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 04:04:43 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered


System errors:
=============
Error: (05/22/2015 04:09:22 PM)

(Source: Service Control Manager)

(EventID: 7026) (User: )
Description: The following boot-start

or system-start driver(s) failed to

load:
qknfd

Error: (05/22/2015 04:09:20 PM)

(Source: Service Control Manager)

(EventID: 7024) (User: )
Description: The AVGIDSAgent service

terminated with service-specific error

%%-536753637.

Error: (05/22/2015 03:55:44 PM)

(Source: Service Control Manager)

(EventID: 7026) (User: )
Description: The following boot-start

or system-start driver(s) failed to

load:
qknfd

Error: (05/22/2015 03:55:42 PM)

(Source: Service Control Manager)

(EventID: 7024) (User: )
Description: The AVGIDSAgent service

terminated with service-specific error

%%-536753637.

Error: (05/22/2015 04:36:15 AM)

(Source: Service Control Manager)

(EventID: 7026) (User: )
Description: The following boot-start

or system-start driver(s) failed to

load:
qknfd

Error: (05/22/2015 04:36:14 AM)

(Source: Service Control Manager)

(EventID: 7024) (User: )
Description: The AVGIDSAgent service

terminated with service-specific error

%%-536753637.

Error: (05/21/2015 04:38:17 PM)

(Source: Service Control Manager)

(EventID: 7011) (User: )
Description: A timeout (30000

milliseconds) was reached while

waiting for a transaction response

from the Netman service.

Error: (05/21/2015 07:49:17 AM)

(Source: Service Control Manager)

(EventID: 7011) (User: )
Description: A timeout (30000

milliseconds) was reached while

waiting for a transaction response

from the Netman service.

Error: (05/20/2015 07:38:52 PM)

(Source: Service Control Manager)

(EventID: 7026) (User: )
Description: The following boot-start

or system-start driver(s) failed to

load:
qknfd

Error: (05/20/2015 07:38:37 PM)

(Source: Service Control Manager)

(EventID: 7024) (User: )
Description: The AVGIDSAgent service

terminated with service-specific error

%%-536753637.


Microsoft Office:
=======================

==
Error: (05/22/2015 04:14:21 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 04:13:21 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 04:12:21 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 04:11:21 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 04:10:22 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 04:10:10 PM)

(Source: Microsoft-Windows-User

Profiles Service) (EventID: 1542)

(User: NT AUTHORITY)
Description: Unspecified error

Error: (05/22/2015 04:07:43 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 04:06:43 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 04:05:43 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 04:04:43 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered


====================

Memory info

=======================

====

Processor: AMD Athlon(tm) II X4 620

Processor
Percentage of memory in use: 22%
Total physical RAM: 7935.23 MB
Available physical RAM: 6179.55 MB
Total Pagefile: 15868.68 MB
Available Pagefile: 14012.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

====================

Drives

=======================

=========

Drive c: (HP) (Fixed) (Total:584.07

GB) (Free:513.39 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed)

(Total:12 GB) (Free:2.18 GB) NTFS

==>[System with boot components

(obtained from reading drive)]
Drive e: (Pictures) (CDROM)

(Total:0.69 GB) (Free:0.08 GB) UDF

==================== MBR

& Partition Table

==================

=======================

=======================

==========
Disk: 0 (Size: 596.2 GB) (Disk ID:

1549F232)
Partition 1: (Active) - (Size=100 MB) -

(Type=07 NTFS)
Partition 2: (Not Active) - (Size=584.1

GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=12

GB) - (Type=07 NTFS)

==================== End

of log

=======================

=====

=======================

=====

 

[argus]

Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

• Right-click on
  
  icon and select
  
  Run as Administrator to start the tool.
  (XP users click run after receipt of Windows Security Warning - Open File).
• Make sure that Addition option is checked.
• Press Scan button and wait.
• The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content into your next reply.

Please Farbar re-run scan.

 

[LovesHounds]

Scan result of Farbar Recovery Scan

Tool (FRST) (x64) Version: 21-05-

2015
Ran by Sinnfamily (administrator) on

SINNFAMILY-PC on 22-05-2015

21:49:51
Running from C:\Users\Sinnfamily

\Downloads
Loaded Profiles: Sinnfamily (Available

profiles: Sinnfamily)
Platform: Windows 7 Home Premium

Service Pack 1 (X64) OS Language:

English (United States)
Internet Explorer Version 11 (Default

browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan

Tool:

http://www.geekstogo.com/forum/top

ic/335081-frst-tutorial-how-to-use-

farbar-recovery-scan-tool/

====================

Processes (Whitelisted)

=================

(If an entry is included in the fixlist,

the process will be closed. The file will

not be moved.)

(NVIDIA Corporation) C:\Windows

\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program

Files\AVAST Software\Avast

\AvastSvc.exe
(NVIDIA Corporation) C:\Windows

\System32\nvvsvc.exe
(LSI Corporation) C:\Program Files

\LSI SoftModem\agr64svc.exe
(Hewlett-Packard Company) C:

\Program Files (x86)\Common Files

\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:

\Program Files (x86)\Malwarebytes

Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:

\Program Files (x86)\Malwarebytes

Anti-Malware\mbamservice.exe
() C:\Program Files

(x86)\RealNetworks\RealDownloader

\rndlresolversvc.exe
(Yahoo! Inc.) C:\Program Files

(x86)\Yahoo!\SoftwareUpdate

\YahooAUService.exe
(Safer Networking Ltd.) C:\Program

Files (x86)\Spybot - Search & Destroy

\SDWinSec.exe
(Malwarebytes Corporation) C:

\Program Files (x86)\Malwarebytes

Anti-Malware\mbam.exe
(Avast Software s.r.o.) C:\Program

Files\AVAST Software\Avast

\avastui.exe
(Hewlett-Packard Company) C:

\Program Files (x86)\Hewlett-Packard

\HP Support Framework

\HPSA_Service.exe
(Mozilla Corporation) C:\Program Files

(x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program

Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows

\System32\dllhost.exe
(Adobe Systems, Inc.) C:\Windows

\SysWOW64\Macromed\Flash

\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows

\SysWOW64\Macromed\Flash

\FlashPlayerPlugin_17_0_0_169.exe


====================

Registry (Whitelisted)

==================

(If an entry is included in the fixlist,

the registry item will be restored to

default or removed. The file will not

be moved.)

HKLM-x32\...\Run: [AVG_UI] => C:

\Program Files (x86)\AVG

\AVG2015\avgui.exe [3745232 2015-

04-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] =>

C:\Program Files\AVAST Software

\Avast\AvastUI.exe [5515496 2015-

05-20] (Avast Software s.r.o.)
HKU\S-1-5-21-2643768202-

156854014-2583388340-1001\...

\Policies\system: [LogonHoursAction]

2
HKU\S-1-5-21-2643768202-

156854014-2583388340-1001\...

\Policies\system:

[DontDisplayLogonHoursWarnings] 1
ShellIconOverlayIdentifiers: [00avast]

-> {472083B0-C522-11CF-8763-

00608CC02F24} => C:\Program Files

\AVAST Software\Avast\ashShA64.dll

[2015-05-20] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32:

[SharingPrivate] -> {08244EE6-92F0

-47f2-9FC9-929BAA2E7235} => No

File

====================

Internet (Whitelisted)

====================

(If an item is included in the fixlist, if

it is a registry item it will be removed

or restored to default.)

SearchScopes: HKLM -> {0633EE93-

D776-472f-A0FF-E1416B8B2E3A} URL

=
SearchScopes: HKLM -> {1235B3BB-

2B63-4F90-BA16-37F536739926} URL

= http://www.bing.com/search?q=

{searchTerms}

&FORM=HPDTDF&pc=HPDTDF&src=I

E-SearchBox
SearchScopes: HKLM -> {BFE680F5-

69D4-4A76-A974-C15503F8F00B} URL

= http://www.ask.com/web?q=

{searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 ->

{0633EE93-D776-472f-A0FF-

E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 ->

{1235B3BB-2B63-4F90-BA16-

37F536739926} URL =

http://www.bing.com/search?q=

{searchTerms}

&FORM=HPDTDF&pc=HPDTDF&src=I

E-SearchBox
SearchScopes: HKLM-x32 ->

{BFE680F5-69D4-4A76-A974-

C15503F8F00B} URL =

http://www.ask.com/web?q=

{searchterms}&l=dis&o=ushpd
BHO: AVG Safe Search -> {3CA2F312

-6F6E-4B53-A66E-4E65E497C8C0} ->

No File
BHO: avast! Online Security ->

{8E5E2654-AD2D-48bf-AC2D-

D17F00898D06} -> C:\Program Files

\AVAST Software\Avast

\aswWebRepIE64.dll [2015-05-20]

(Avast Software s.r.o.)
BHO: HP Network Check Helper ->

{E76FD755-C1BA-4DCB-9F13-

99BD91223ADE} -> C:\Program Files

(x86)\Hewlett-Packard\HP Support

Framework\Resources

\HPNetworkCheck

\HPNetworkCheckPluginx64.dll [2013

-08-28] (Hewlett-Packard)
BHO-x32: RealPlayer Download and

Record Plugin for Internet Explorer ->

{3049C3E9-B461-4BC5-8870-

4C09146192CA} -> C:\ProgramData

\RealNetworks\RealDownloader

\BrowserPlugins\IE

\rndlbrowserrecordplugin.dll [2013-

08-14] (RealDownloader)
BHO-x32: AVG Safe Search ->

{3CA2F312-6F6E-4B53-A66E-

4E65E497C8C0} -> No File
BHO-x32: Spybot-S&D IE Protection

-> {53707962-6F74-2D53-2644-

206D7942484F} -> C:\Program Files

(x86)\Spybot - Search & Destroy

\SDHelper.dll [2009-01-26] (Safer

Networking Limited)
BHO-x32: Java(tm) Plug-In SSV

Helper -> {761497BB-D6F0-462C-

B6EB-D4DAF1D92D43} -> C:\Program

Files (x86)\Java\jre1.8.0_45\bin

\ssv.dll [2015-04-27] (Oracle

Corporation)
BHO-x32: avast! Online Security ->

{8E5E2654-AD2D-48bf-AC2D-

D17F00898D06} -> C:\Program Files

\AVAST Software\Avast

\aswWebRepIE.dll [2015-05-20]

(Avast Software s.r.o.)
BHO-x32: hpBHO Class ->

{ABD3B5E1-B268-407B-A150-

2641DAB8D898} -> C:\Program Files

(x86)\Common Files\Homepage

Protection\HomepageProtection.dll

[2009-06-08] (AOL Products)
BHO-x32: Skype Browser Helper ->

{AE805869-2E5C-4ED4-8F7B-

F1F7851A4497} -> C:\Program Files

(x86)\Skype\Toolbars\Internet

Explorer\skypeieplugin.dll [2011-05-

16] (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV

Helper -> {DBC80044-A445-435b-

BC74-9C25C1C588A9} -> C:\Program

Files (x86)\Java\jre1.8.0_45\bin

\jp2ssv.dll [2015-04-27] (Oracle

Corporation)
BHO-x32: HP Network Check Helper

-> {E76FD755-C1BA-4DCB-9F13-

99BD91223ADE} -> C:\Program Files

(x86)\Hewlett-Packard\HP Support

Framework\Resources

\HPNetworkCheck

\HPNetworkCheckPlugin.dll [2013-08

-28] (Hewlett-Packard)
Toolbar: HKLM-x32 - No Name -

{1E61ED7C-7CB8-49d6-B9E9-

AB4C880C8414} - No File
Toolbar: HKLM-x32 - No Name -

{CCC7A320-B3CA-4199-B1A6-

9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-2643768202-

156854014-2583388340-1001 -> No

Name - {CCC7A320-B3CA-4199-B1A6

-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-2643768202-

156854014-2583388340-1001 -> No

Name - {E7DF6BFF-55A5-4EB7-A673

-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-2643768202-

156854014-2583388340-1001 -> No

Name - {2318C2B1-4965-11D4-9B18-

009027A5CD4F} - No File
DPF: HKLM-x32 {02BCC737-B171-

4746-94C9-0D8A0B2C0089}

http://office.microsoft.com/_layouts/C

lientBin/ieawsdc32.cab
DPF: HKLM-x32 {02BF25D5-8C17-

4B23-BC80-D3488ABDDC6B}

http://appldnld.apple.com.edgesuite.

net/content.info.apple.com/QuickTime

/qtactivex/qtplugin.cab
DPF: HKLM-x32 {166B1BCA-3F9C-

11CF-8075-444553540000}

http://download.macromedia.com/pu

b/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {3107C2A8-9F0B-

4404-A58B-21BD85268FBC}

http://www.pogo.com/cdl/launcher/Po

goWebLauncherInstaller.CAB
DPF: HKLM-x32 {3D3B42C2-11BF-

4732-A304-A01384B70D68}

http://picasaweb.google.com/s/v/61.1

8/uploader2.cab
DPF: HKLM-x32 {49E67060-2C0D-

415E-94C7-52A49F73B2F1}

http://zone.msn.com/bingame/pppp/d

efault/PiratePoppers.1.0.0.39.cab
DPF: HKLM-x32 {6218F7B5-0D3A-

48BA-AE4C-49DCFA63D400}

http://www.myheritage.com/Genoogl

e/Components/ActiveX/SearchEngine

Query.dll
DPF: HKLM-x32 {73ECB3AA-4717-

450C-A2AB-D00DAD9EE203}

http://h20614.www2.hp.com/ediags/g

md/Install/Cab/hpdetect119b.cab
DPF: HKLM-x32 {7E980B9B-8AE5-

466A-B6D6-DA8CF814E78A}

http://zone.msn.com/bingame/chnz/d

efault/mjolauncher.cab
DPF: HKLM-x32 {8100D56A-5661-

482C-BEE8-AFECE305D968}

http://upload.facebook.com/controls/

2009.07.28_v5.5.8.1/FacebookPhotoU

ploader55.cab
DPF: HKLM-x32 {9AA73F41-EC64-

489E-9A73-9CD52E528BC4}

http://zone.msn.com/binGame/ZAxRc

Mgr.cab
DPF: HKLM-x32 {DF780F87-FF2B-

4DF8-92D0-73DB16A1543A}

http://zone.msn.com/BINGAME/POPC

APLOADER_V10.CAB
DPF: HKLM-x32 {E06E2E99-0AA1-

11D4-ABA6-0060082AA75C}

https://petsmartcharities.webex.com/

client/T27LD/webex/ieatgpc1.cab
DPF: HKLM-x32 {E2883E8F-472F-

4FB0-9522-AC9BF37916A7}

http://platformdl.adobe.com/NOS/get

PlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-

63F8-47D5-A4D1-FBDDE494F8D1} -

No File
Handler: ms-itss - {0A9007C0-4076-

11D3-8789-0000F8105754} - No File
Handler-x32: skype-ie-addon-data -

{91774881-D725-4E58-B298-

07617B9B86A8} - C:\Program Files

(x86)\Skype\Toolbars\Internet

Explorer\skypeieplugin.dll [2011-05-

16] (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer]

173.225.144.10 173.225.144.70

FireFox:
========
FF ProfilePath: C:\Users\Sinnfamily

\AppData\Roaming\Mozilla\Firefox

\Profiles\4iuichbd.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage:

https://www.facebook.com/?ref=logo
FF Plugin: @adobe.com/FlashPlayer

-> C:\Windows\system32\Macromed

\Flash\NPSWF64_17_0_0_169.dll

[2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE

-> disabled No File
FF Plugin:

@Microsoft.com/NpCtrl,version=1.0

-> c:\Program Files\Microsoft

Silverlight\5.1.40416.0\npctrl.dll

[2015-04-16] ( Microsoft Corporation)
FF Plugin-x32:

@adobe.com/FlashPlayer -> C:

\Windows\SysWOW64\Macromed

\Flash\NPSWF32_17_0_0_169.dll

[2015-04-15] ()
FF Plugin-x32:

@adobe.com/ShockwavePlayer -> C:

\Windows\SysWOW64\Adobe

\Director\np32dsw_1202122.dll [2013

-04-03] (Adobe Systems, Inc.)
FF Plugin-x32:

@java.com/DTPlugin,version=11.45.2

-> C:\Program Files (x86)\Java

\jre1.8.0_45\bin\dtplugin

\npDeployJava1.dll [2015-04-27]

(Oracle Corporation)
FF Plugin-x32:

@java.com/JavaPlugin,version=11.45.

2 -> C:\Program Files (x86)\Java

\jre1.8.0_45\bin\plugin2\npjp2.dll

[2015-04-27] (Oracle Corporation)
FF Plugin-x32:

@microsoft.com/GENUINE -> disabled

No File
FF Plugin-x32:

@Microsoft.com/NpCtrl,version=1.0

-> c:\Program Files (x86)\Microsoft

Silverlight\5.1.40416.0\npctrl.dll

[2015-04-15] ( Microsoft Corporation)
FF Plugin-x32:

@real.com/nprndlchromebrowserrecor

dext;version=1.3.3 -> C:

\ProgramData\RealNetworks

\RealDownloader\BrowserPlugins

\MozillaPlugins

\nprndlchromebrowserrecordext.dll

[2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32:

@real.com/nprndlhtml5videoshim;ver

sion=1.3.3 -> C:\ProgramData

\RealNetworks\RealDownloader

\BrowserPlugins\MozillaPlugins

\nprndlhtml5videoshim.dll [2013-08-

14] (RealNetworks, Inc.)
FF Plugin-x32:

@real.com/nprndlpepperflashvideoshi

m;version=1.3.3 -> C:\ProgramData

\RealNetworks\RealDownloader

\BrowserPlugins\MozillaPlugins

\nprndlpepperflashvideoshim.dll

[2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32:

@realnetworks.com/npdlplugin;versio

n=1 -> C:\ProgramData

\RealNetworks\RealDownloader

\BrowserPlugins\npdlplugin.dll [2013

-08-14] (RealDownloader)
FF Plugin-x32:

@rocketlife.com/RocketLife Secure

Plug-In Layer;version=1.0.5 -> C:

\ProgramData\Visan\plugins

\npRLSecurePluginLayer.dll [2014-11

-05] (RocketLife, LLP)
FF Plugin-x32:

@tools.google.com/Google

Update;version=3 -> C:\Program

Files (x86)\Google\Update

\1.3.27.5\npGoogleUpdate3.dll [2015

-05-15] (Google Inc.)
FF Plugin-x32:

@tools.google.com/Google

Update;version=9 -> C:\Program

Files (x86)\Google\Update

\1.3.27.5\npGoogleUpdate3.dll [2015

-05-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:

\Program Files (x86)\Adobe\Reader

11.0\Reader\AIR\nppdf32.dll [2014-

12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2643768202

-156854014-2583388340-1001:

@lightspark.github.com/Lightspark;ve

rsion=1 -> C:\Program Files

(x86)\Lightspark 0.5.3-git

\nplightsparkplugin.dll No File
FF Plugin HKU\S-1-5-21-2643768202

-156854014-2583388340-1001:

@talk.google.com/GoogleTalkPlugin

-> C:\Users\Sinnfamily\AppData

\Roaming\Mozilla\plugins

\npgoogletalk.dll [2015-04-17]

(Google)
FF Plugin HKU\S-1-5-21-2643768202

-156854014-2583388340-1001:

@talk.google.com/O1DPlugin -> C:

\Users\Sinnfamily\AppData\Roaming

\Mozilla\plugins\npo1d.dll [2015-04-

17] (Google)
FF Plugin HKU\S-1-5-21-2643768202

-156854014-2583388340-1001:

@tools.google.com/Google

Update;version=3 -> C:\Users

\Sinnfamily\AppData\Local\Google

\Update

\1.3.27.5\npGoogleUpdate3.dll [2015

-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2643768202

-156854014-2583388340-1001:

@tools.google.com/Google

Update;version=9 -> C:\Users

\Sinnfamily\AppData\Local\Google

\Update

\1.3.27.5\npGoogleUpdate3.dll [2015

-05-17] (Google Inc.)
FF user.js: detected! => C:\Users

\Sinnfamily\AppData\Roaming

\Mozilla\Firefox\Profiles

\4iuichbd.default\user.js [2013-08-22]
FF Plugin ProgramFiles/Appdata: C:

\Program Files (x86)\mozilla firefox

\browser\plugins

\npMozCouponPrinter.dll [2013-08-02]

(Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:

\Users\Sinnfamily\AppData\Roaming

\mozilla\plugins\npgoogletalk.dll

[2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:

\Users\Sinnfamily\AppData\Roaming

\mozilla\plugins\npo1d.dll [2015-04-

17] (Google)
FF HKLM-x32\...\Firefox\Extensions:

[{7BA52691-1876-45ce-9EE6-

54BCB3B04BBC}] - C:\ProgramData

\Norton\{0C55C096-0F1D-4F28-AAA2

-85EF591126E7}\Norton\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions:

[{DF153AFF-6948-45d7-AC98-

4FC4AF8A08E2}] - C:\ProgramData

\RealNetworks\RealDownloader

\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:

\ProgramData\RealNetworks

\RealDownloader\BrowserPlugins

\Firefox\Ext [2013-08-22]
FF HKLM-x32\...\Firefox\Extensions:

[{ABDE892B-13A8-4d1b-88E6-

365A6E755758}] - C:\ProgramData

\RealNetworks\RealDownloader

\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions:

[wrc@avast.com] - C:\Program Files

\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security -

C:\Program Files\AVAST Software

\Avast\WebRep\FF [2015-05-20]

Chrome:
=======
CHR Profile: C:\Users\Sinnfamily

\AppData\Local\Google\Chrome\User

Data\Default
CHR Extension: (YouTube) - C:\Users

\Sinnfamily\AppData\Local\Google

\Chrome\User Data\Default

\Extensions

\blpcfgokakmgnkcojhhkbfbldkacnbeo

[2013-08-04]
CHR Extension: (No Name) - C:\Users

\Sinnfamily\AppData\Local\Google

\Chrome\User Data\Default

\Extensions

\cbgbcgglihpocekaopnclahmonoolicp

[2013-08-22]
CHR Extension: (Google Search) - C:

\Users\Sinnfamily\AppData\Local

\Google\Chrome\User Data\Default

\Extensions

\coobgpohoikkiipiblmjeljniedjpjpf

[2013-08-04]
CHR Extension: (Bookmark Manager)

- C:\Users\Sinnfamily\AppData\Local

\Google\Chrome\User Data\Default

\Extensions

\gmlllbghnfkpflemihljekbapjopfjik

[2015-05-20]
CHR Extension: (Avast Online

Security) - C:\Users\Sinnfamily

\AppData\Local\Google\Chrome\User

Data\Default\Extensions

\gomekmidlodglbbmalcneegieacbdmki

[2015-05-20]
CHR Extension: (RealDownloader) -

C:\Users\Sinnfamily\AppData\Local

\Google\Chrome\User Data\Default

\Extensions

\idhngdhcfkoamngbedgpaokgjbnpdiji

[2013-08-22]
CHR Extension: (Chrome Hotword

Shared Module) - C:\Users

\Sinnfamily\AppData\Local\Google

\Chrome\User Data\Default

\Extensions

\lccekmodgklaepjeofjdjpbminllajkg

[2015-03-19]
CHR Extension: (Hangouts) - C:

\Users\Sinnfamily\AppData\Local

\Google\Chrome\User Data\Default

\Extensions

\nckgahadagoaajjgafhacjanaoiihapd

[2014-08-08]
CHR Extension: (Google Wallet) - C:

\Users\Sinnfamily\AppData\Local

\Google\Chrome\User Data\Default

\Extensions

\nmmhkkegccagdldgiimedpiccmgmied

a [2013-08-21]
CHR Extension: (Gmail) - C:\Users

\Sinnfamily\AppData\Local\Google

\Chrome\User Data\Default

\Extensions

\pjkljhegncpnkpknbcohdijeoejaedia

[2013-08-04]
CHR HKLM-x32\...\Chrome\Extension:

[gomekmidlodglbbmalcneegieacbdmki

] - C:\Program Files\AVAST Software

\Avast\WebRep\Chrome

\aswWebRepChrome.crx [2015-05-20]
CHR HKLM-x32\...\Chrome\Extension:

[idhngdhcfkoamngbedgpaokgjbnpdiji]

- C:\ProgramData\RealNetworks

\RealDownloader\BrowserPlugins

\Chrome\Ext\realdownloader.crx

[2013-08-14]

====================

Services (Whitelisted)

=================

(If an entry is included in the fixlist, it

will be removed from the registry. The

file will not be moved unless listed

separately.)

R2 avast! Antivirus; C:\Program Files

\AVAST Software\Avast\AvastSvc.exe

[343336 2015-05-20] (Avast Software

s.r.o.)
S2 avgfws; C:\Program Files

(x86)\AVG\AVG2015\avgfws.exe

[1517480 2015-04-15] (AVG

Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files

(x86)\AVG\AVG2015\avgidsagent.exe

[3438032 2015-04-15] (AVG

Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files

(x86)\AVG\AVG2015\avgwdsvc.exe

[311792 2015-04-15] (AVG

Technologies CZ, s.r.o.)
R2 DiagTrack; C:\Windows

\system32\diagtrack.dll [1254400

2015-04-27] (Microsoft Corporation)
R2 EFS; C:\Windows

\SysWOW64\lsass.exe [0 2013-08-10]

() <==== ATTENTION (zero size

file/folder)
R2 HP Support Assistant Service; C:

\Program Files (x86)\Hewlett-Packard

\HP Support Framework

\hpsa_service.exe [92160 2013-11-04]

(Hewlett-Packard Company) [File not

signed]
S3 KeyIso; C:\Windows

\SysWOW64\lsass.exe [0 2013-08-10]

() <==== ATTENTION (zero size

file/folder)
R2 LightScribeService; c:\Program

Files (x86)\Common Files\LightScribe

\LSSrvc.exe [73728 2009-05-18]

(Hewlett-Packard Company) [File not

signed]
R2 MBAMScheduler; C:\Program Files

(x86)\Malwarebytes Anti-Malware

\mbamscheduler.exe [1871160 2015-

04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files

(x86)\Malwarebytes Anti-Malware

\mbamservice.exe [1080120 2015-04

-14] (Malwarebytes Corporation)
S3 Netlogon; C:\Windows

\SysWOW64\lsass.exe [0 2013-08-10]

() <==== ATTENTION (zero size

file/folder)
R2 nvsvc; C:\Windows

\SysWOW64\nvvsvc.exe [0 2013-08-

10] () <==== ATTENTION (zero size

file/folder)
S3 ProtectedStorage; C:\Windows

\SysWOW64\lsass.exe [0 2013-08-10]

() <==== ATTENTION (zero size

file/folder)
R2 RealNetworks Downloader

Resolver Service; C:\Program Files

(x86)\RealNetworks\RealDownloader

\rndlresolversvc.exe [39056 2013-08-

14] ()
R2 SamSs; C:\Windows

\SysWOW64\lsass.exe [0 2013-08-10]

() <==== ATTENTION (zero size

file/folder)
R2 SBSDWSCService; C:\Program

Files (x86)\Spybot - Search & Destroy

\SDWinSec.exe [1153368 2009-01-26]

(Safer Networking Ltd.)
R2 Spooler; C:\Windows

\SysWOW64\spoolsv.exe [0 2013-08-

10] () <==== ATTENTION (zero size

file/folder)
S3 VaultSvc; C:\Windows

\SysWOW64\lsass.exe [0 2013-08-10]

() <==== ATTENTION (zero size

file/folder)
S3 WinDefend; C:\Program Files

\Windows Defender\mpsvc.dll

[1011712 2013-05-27] (Microsoft

Corporation)

====================

Drivers (Whitelisted)

====================

(If an entry is included in the fixlist, it

will be removed from the registry. The

file will not be moved unless listed

separately.)

R2 aswHwid; C:\Windows

\system32\drivers\aswHwid.sys

[29168 2015-05-20] ()
R2 aswMonFlt; C:\Windows

\system32\drivers\aswMonFlt.sys

[89944 2015-05-20] (Avast Software

s.r.o.)
R1 aswRdr; C:\Windows

\system32\drivers\aswRdr2.sys [93528

2015-05-20] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows

\System32\Drivers\aswRvrt.sys [65736

2015-05-20] ()
R1 aswSnx; C:\Windows

\system32\drivers\aswSnx.sys

[1047320 2015-05-20] (Avast

Software s.r.o.)
R1 aswSP; C:\Windows

\system32\drivers\aswSP.sys [442264

2015-05-20] (Avast Software s.r.o.)
R2 aswStm; C:\Windows

\system32\drivers\aswStm.sys

[137288 2015-05-20] (Avast Software

s.r.o.)
R0 aswVmm; C:\Windows

\System32\Drivers\aswVmm.sys

[272248 2015-05-20] ()
R1 Avgdiska; C:\Windows

\System32\DRIVERS\avgdiska.sys

[162784 2015-03-11] (AVG

Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows

\System32\DRIVERS\avgfwd6a.sys

[67040 2015-03-20] (AVG

Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows

\System32\DRIVERS\avgidsdrivera.sys

[284128 2015-04-09] (AVG

Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows

\System32\DRIVERS\avgidsha.sys

[213984 2015-03-11] (AVG

Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows

\System32\DRIVERS\avgldx64.sys

[256992 2015-04-15] (AVG

Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows

\System32\DRIVERS\avgloga.sys

[344544 2015-03-11] (AVG

Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows

\System32\DRIVERS\avgmfx64.sys

[137184 2015-04-03] (AVG

Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows

\System32\DRIVERS\avgrkx64.sys

[40928 2015-03-20] (AVG

Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows

\System32\DRIVERS\avgtdia.sys

[291296 2015-04-07] (AVG

Technologies CZ, s.r.o.)
R3 MBAMProtector; C:\Windows

\system32\drivers\mbam.sys [25816

2015-04-14] (Malwarebytes

Corporation)
R3 MBAMSwissArmy; C:\Windows

\system32\drivers

\MBAMSwissArmy.sys [136408 2015-

05-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:

\Windows\system32\drivers\mwac.sys

[63704 2015-04-14] (Malwarebytes

Corporation)
S3 SWDUMon; C:\Windows

\System32\DRIVERS\SWDUMon.sys

[16152 2014-06-22] ()
S1 qknfd; system32\drivers\qknfd.sys

[X]

====================

NetSvcs (Whitelisted)

===================

(If an entry is included in the fixlist, it

will be removed from the registry. The

file will not be moved unless listed

separately.)


==================== One

Month Created files and folders

========

(If an entry is included in the fixlist,

the file/folder will be moved.)

2015-05-21 21:21 - 2015-05-22 16:17

- 00093039 _____ () C:\Users

\Sinnfamily\Desktop\FRST.txt
2015-05-21 21:21 - 2015-05-22 16:16

- 00040677 _____ () C:\Users

\Sinnfamily\Desktop\Addition.txt
2015-05-21 20:37 - 2015-05-22 16:16

- 00040677 _____ () C:\Users

\Sinnfamily\Downloads\Addition.txt
2015-05-21 20:36 - 2015-05-22 21:49

- 00020603 _____ () C:\Users

\Sinnfamily\Downloads\FRST.txt
2015-05-21 20:35 - 2015-05-22 21:49

- 00000000 ____D () C:\FRST
2015-05-21 20:34 - 2015-05-21 20:34

- 02108416 _____ (Farbar) C:\Users

\Sinnfamily\Downloads\FRST64.exe
2015-05-21 20:21 - 2015-05-21 20:22

- 00465432 _____ () C:\Users

\Sinnfamily\Downloads

\ESETPoweliksCleaner.exe_20150521.

202107.4028.log
2015-05-21 20:21 - 2015-05-21 20:21

- 00000022 _____ () C:\Users

\Sinnfamily\Downloads

\ESETPoweliksCleaner.exe_20150521.

202107.4028.zip
2015-05-21 20:19 - 2015-05-21 20:19

- 00221384 _____ (ESET) C:\Users

\Sinnfamily\Downloads

\ESETPoweliksCleaner.exe
2015-05-20 19:51 - 2015-05-20 19:52

- 00001484 _____ () C:\Windows

\IE11_main.log
2015-05-20 19:51 - 2015-05-20 19:51

- 55915216 _____ (Microsoft

Corporation) C:\Users\Sinnfamily

\Downloads\IE11-Windows6.1-x64-

en-us.exe
2015-05-20 18:27 - 2015-05-20 18:27

- 00000000 ____D () C:\Users

\Sinnfamily\AppData\Roaming\AVAST

Software
2015-05-20 18:26 - 2015-05-20 18:26

- 01047320 _____ (Avast Software

s.r.o.) C:\Windows\system32\Drivers

\aswSnx.sys
2015-05-20 18:26 - 2015-05-20 18:26

- 00442264 _____ (Avast Software

s.r.o.) C:\Windows\system32\Drivers

\aswSP.sys
2015-05-20 18:26 - 2015-05-20 18:26

- 00364472 _____ (Avast Software

s.r.o.) C:\Windows

\system32\aswBoot.exe
2015-05-20 18:26 - 2015-05-20 18:26

- 00272248 _____ () C:\Windows

\system32\Drivers\aswVmm.sys
2015-05-20 18:26 - 2015-05-20 18:26

- 00137288 _____ (Avast Software

s.r.o.) C:\Windows\system32\Drivers

\aswStm.sys
2015-05-20 18:26 - 2015-05-20 18:26

- 00093528 _____ (Avast Software

s.r.o.) C:\Windows\system32\Drivers

\aswRdr2.sys
2015-05-20 18:26 - 2015-05-20 18:26

- 00089944 _____ (Avast Software

s.r.o.) C:\Windows\system32\Drivers

\aswMonFlt.sys
2015-05-20 18:26 - 2015-05-20 18:26

- 00065736 _____ () C:\Windows

\system32\Drivers\aswRvrt.sys
2015-05-20 18:26 - 2015-05-20 18:26

- 00043112 _____ (Avast Software

s.r.o.) C:\Windows\avastSS.scr
2015-05-20 18:26 - 2015-05-20 18:26

- 00029168 _____ () C:\Windows

\system32\Drivers\aswHwid.sys
2015-05-20 18:26 - 2015-05-20 18:26

- 00000000 ____D () C:\ProgramData

\Microsoft\Windows\Start Menu

\Programs\AVAST Software
2015-05-20 18:25 - 2015-05-20 18:25

- 00000000 ____D () C:\Program

Files\AVAST Software
2015-05-20 18:24 - 2015-05-20 18:24

- 05481336 _____ (Avast Software

s.r.o.) C:\Users\Sinnfamily

\Downloads

\avast_free_antivirus_setup_online_cn

et.exe
2015-05-20 18:24 - 2015-05-20 18:24

- 00000000 ____D () C:\ProgramData

\AVAST Software
2015-05-20 16:54 - 2015-05-20 16:54

- 00347816 _____ (Microsoft

Corporation) C:\Users\Sinnfamily

\Downloads

\MicrosoftFixit.ProgramInstallUninstall

.RNP.135558928799315.1.4.Run.exe
2015-05-20 16:43 - 2015-05-20 16:43

- 00347816 _____ (Microsoft

Corporation) C:\Users\Sinnfamily

\Downloads

\MicrosoftFixit.ProgramInstallUninstall

.RNP.Run (2).exe
2015-05-20 16:38 - 2015-05-20 16:38

- 00347816 _____ (Microsoft

Corporation) C:\Users\Sinnfamily

\Downloads

\MicrosoftFixit.ProgramInstallUninstall

.RNP.Run (1).exe
2015-05-20 16:34 - 2015-05-20 16:34

- 00039148 _____ () C:\Users

\Sinnfamily\Downloads

\ResultReport.html
2015-05-20 16:33 - 2015-05-20 16:44

- 00000000 ____D () C:\MATS
2015-05-20 16:32 - 2015-05-20 16:32

- 00347816 _____ (Microsoft

Corporation) C:\Users\Sinnfamily

\Downloads

\MicrosoftFixit.ProgramInstallUninstall

.RNP.Run.exe
2015-05-20 15:52 - 2015-05-22 16:28

- 00136408 _____ (Malwarebytes

Corporation) C:\Windows

\system32\Drivers

\MBAMSwissArmy.sys
2015-05-20 15:51 - 2015-05-20 16:23

- 00000000 ____D () C:\Program Files

(x86)\Malwarebytes Anti-Malware
2015-05-20 15:51 - 2015-05-20 15:51

- 00000000 ____D () C:\ProgramData

\Microsoft\Windows\Start Menu

\Programs\Malwarebytes Anti-

Malware
2015-05-20 15:51 - 2015-05-20 15:51

- 00000000 ____D () C:\ProgramData

\Malwarebytes
2015-05-20 15:51 - 2015-04-14 09:37

- 00107736 _____ (Malwarebytes

Corporation) C:\Windows

\system32\Drivers

\mbamchameleon.sys
2015-05-20 15:51 - 2015-04-14 09:37

- 00063704 _____ (Malwarebytes

Corporation) C:\Windows

\system32\Drivers\mwac.sys
2015-05-20 15:51 - 2015-04-14 09:37

- 00025816 _____ (Malwarebytes

Corporation) C:\Windows

\system32\Drivers\mbam.sys
2015-05-20 15:50 - 2015-05-20 15:50

- 21546080 _____ (Malwarebytes

Corporation ) C:\Users\Sinnfamily

\Downloads\mbam-setup-

2.1.6.1022.exe
2015-05-20 10:40 - 2015-05-20 10:40

- 00073896 _____ () C:\Users

\Sinnfamily\Downloads\[SURVEY

PREVIEW MODE] Spring into Summer

Feedback 2014 Survey Last years.htm
2015-05-20 10:32 - 2015-05-22 16:09

- 00000616 _____ () C:\Windows

\setupact.log
2015-05-20 10:32 - 2015-05-22 15:55

- 00079622 _____ () C:\Windows

\PFRO.log
2015-05-20 10:32 - 2015-05-20 10:32

- 00000000 _____ () C:\Windows

\setuperr.log
2015-05-20 09:46 - 2015-05-20 09:46

- 00003874 _____ () C:\Windows

\System32\Tasks\Google Update
2015-05-20 09:46 - 2015-05-20 09:46

- 00003694 _____ () C:\Windows

\System32\Tasks\Adobe Reader and

Acrobat Manager
2015-05-20 09:37 - 2015-05-20 09:37

- 00000000 ____D () C:\Users

\Sinnfamily\AppData\Local\Avg
2015-05-17 14:05 - 2015-05-21 06:17

- 00000000 ____D () C:\Users

\Sinnfamily\Desktop\Tre shower
2015-05-17 12:27 - 2015-05-17 12:27

- 00403453 _____ () C:\Users

\Sinnfamily\Documents\Tom Daddy

game.ods
2015-05-17 12:18 - 2015-05-17 12:18

- 00073896 _____ () C:\Users

\Sinnfamily\Desktop\[SURVEY

PREVIEW MODE] Spring into Summer

Feedback 2014 Survey Last years.htm
2015-05-14 18:10 - 2015-05-17 04:28

- 00000000 ____D () C:\Program Files

(x86)\Mozilla Firefox
2015-05-13 16:02 - 2015-05-13 16:02

- 00010896 _____ () C:\Users

\Sinnfamily\Desktop\upcoming

events.odt
2015-05-13 03:03 - 2015-05-01 08:17

- 00124112 _____ (Microsoft

Corporation) C:\Windows

\system32\PresentationCFFRasterizer

Native_v0300.dll
2015-05-13 03:03 - 2015-05-01 08:16

- 00102608 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\PresentationCFFRasterize

rNative_v0300.dll
2015-05-12 14:49 - 2015-05-04 20:29

- 00342016 _____ (Microsoft

Corporation) C:\Windows

\system32\schannel.dll
2015-05-12 14:49 - 2015-05-04 20:12

- 00248832 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\schannel.dll
2015-05-12 14:49 - 2015-04-21 21:28

- 00389840 _____ (Microsoft

Corporation) C:\Windows

\system32\iedkcs32.dll
2015-05-12 14:49 - 2015-04-21 20:48

- 00342736 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\iedkcs32.dll
2015-05-12 14:49 - 2015-04-21 12:14

- 24971776 _____ (Microsoft

Corporation) C:\Windows

\system32\mshtml.dll
2015-05-12 14:49 - 2015-04-21 12:08

- 02724864 _____ (Microsoft

Corporation) C:\Windows

\system32\mshtml.tlb
2015-05-12 14:49 - 2015-04-21 12:07

- 00004096 _____ (Microsoft

Corporation) C:\Windows

\system32\ieetwcollectorres.dll
2015-05-12 14:49 - 2015-04-21 11:51

- 00066560 _____ (Microsoft

Corporation) C:\Windows

\system32\iesetup.dll
2015-05-12 14:49 - 2015-04-21 11:50

- 00584192 _____ (Microsoft

Corporation) C:\Windows

\system32\vbscript.dll
2015-05-12 14:49 - 2015-04-21 11:50

- 00417792 _____ (Microsoft

Corporation) C:\Windows

\system32\html.iec
2015-05-12 14:49 - 2015-04-21 11:50

- 00048640 _____ (Microsoft

Corporation) C:\Windows

\system32\ieetwproxystub.dll
2015-05-12 14:49 - 2015-04-21 11:49

- 02885120 _____ (Microsoft

Corporation) C:\Windows

\system32\iertutil.dll
2015-05-12 14:49 - 2015-04-21 11:48

- 00088064 _____ (Microsoft

Corporation) C:\Windows

\system32\MshtmlDac.dll
2015-05-12 14:49 - 2015-04-21 11:41

- 00054784 _____ (Microsoft

Corporation) C:\Windows

\system32\jsproxy.dll
2015-05-12 14:49 - 2015-04-21 11:40

- 00034304 _____ (Microsoft

Corporation) C:\Windows

\system32\iernonce.dll
2015-05-12 14:49 - 2015-04-21 11:37

- 00633856 _____ (Microsoft

Corporation) C:\Windows

\system32\ieui.dll
2015-05-12 14:49 - 2015-04-21 11:35

- 00816640 _____ (Microsoft

Corporation) C:\Windows

\system32\jscript.dll
2015-05-12 14:49 - 2015-04-21 11:35

- 00144384 _____ (Microsoft

Corporation) C:\Windows

\system32\ieUnatt.exe
2015-05-12 14:49 - 2015-04-21 11:35

- 00114688 _____ (Microsoft

Corporation) C:\Windows

\system32\ieetwcollector.exe
2015-05-12 14:49 - 2015-04-21 11:34

- 00814080 _____ (Microsoft

Corporation) C:\Windows

\system32\jscript9diag.dll
2015-05-12 14:49 - 2015-04-21 11:31

- 06025728 _____ (Microsoft

Corporation) C:\Windows

\system32\jscript9.dll
2015-05-12 14:49 - 2015-04-21 11:26

- 00968704 _____ (Microsoft

Corporation) C:\Windows

\system32\MsSpellCheckingFacility.ex

e
2015-05-12 14:49 - 2015-04-21 11:25

- 02724864 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\mshtml.tlb
2015-05-12 14:49 - 2015-04-21 11:24

- 19691008 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\mshtml.dll
2015-05-12 14:49 - 2015-04-21 11:22

- 00490496 _____ (Microsoft

Corporation) C:\Windows

\system32\dxtmsft.dll
2015-05-12 14:49 - 2015-04-21 11:14

- 00077824 _____ (Microsoft

Corporation) C:\Windows

\system32\JavaScriptCollectionAgent.

dll
2015-05-12 14:49 - 2015-04-21 11:11

- 00504320 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\vbscript.dll
2015-05-12 14:49 - 2015-04-21 11:11

- 00062464 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\iesetup.dll
2015-05-12 14:49 - 2015-04-21 11:10

- 00047616 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\ieetwproxystub.dll
2015-05-12 14:49 - 2015-04-21 11:09

- 00341504 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\html.iec
2015-05-12 14:49 - 2015-04-21 11:09

- 00199680 _____ (Microsoft

Corporation) C:\Windows

\system32\msrating.dll
2015-05-12 14:49 - 2015-04-21 11:08

- 00092160 _____ (Microsoft

Corporation) C:\Windows

\system32\mshtmled.dll
2015-05-12 14:49 - 2015-04-21 11:08

- 00064000 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\MshtmlDac.dll
2015-05-12 14:49 - 2015-04-21 11:05

- 00316928 _____ (Microsoft

Corporation) C:\Windows

\system32\dxtrans.dll
2015-05-12 14:49 - 2015-04-21 11:04

- 02278400 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\iertutil.dll
2015-05-12 14:49 - 2015-04-21 11:03

- 00047104 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\jsproxy.dll
2015-05-12 14:49 - 2015-04-21 11:02

- 00030720 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\iernonce.dll
2015-05-12 14:49 - 2015-04-21 11:00

- 00478208 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\ieui.dll
2015-05-12 14:49 - 2015-04-21 10:58

- 00664576 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\jscript.dll
2015-05-12 14:49 - 2015-04-21 10:58

- 00115712 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\ieUnatt.exe
2015-05-12 14:49 - 2015-04-21 10:57

- 00620032 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\jscript9diag.dll
2015-05-12 14:49 - 2015-04-21 10:49

- 00801280 _____ (Microsoft

Corporation) C:\Windows

\system32\msfeeds.dll
2015-05-12 14:49 - 2015-04-21 10:49

- 00720384 _____ (Microsoft

Corporation) C:\Windows

\system32\ie4uinit.exe
2015-05-12 14:49 - 2015-04-21 10:48

- 00418304 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\dxtmsft.dll
2015-05-12 14:49 - 2015-04-21 10:47

- 01359360 _____ (Microsoft

Corporation) C:\Windows

\system32\mshtmlmedia.dll
2015-05-12 14:49 - 2015-04-21 10:46

- 02125824 _____ (Microsoft

Corporation) C:\Windows

\system32\inetcpl.cpl
2015-05-12 14:49 - 2015-04-21 10:43

- 00060416 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\JavaScriptCollectionAgen

t.dll
2015-05-12 14:49 - 2015-04-21 10:40

- 14401536 _____ (Microsoft

Corporation) C:\Windows

\system32\ieframe.dll
2015-05-12 14:49 - 2015-04-21 10:39

- 00168960 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\msrating.dll
2015-05-12 14:49 - 2015-04-21 10:38

- 00076288 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\mshtmled.dll
2015-05-12 14:49 - 2015-04-21 10:36

- 00285696 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\dxtrans.dll
2015-05-12 14:49 - 2015-04-21 10:31

- 04305920 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\jscript9.dll
2015-05-12 14:49 - 2015-04-21 10:27

- 02352128 _____ (Microsoft

Corporation) C:\Windows

\system32\wininet.dll
2015-05-12 14:49 - 2015-04-21 10:26

- 00688640 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\msfeeds.dll
2015-05-12 14:49 - 2015-04-21 10:25

- 02052608 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\inetcpl.cpl
2015-05-12 14:49 - 2015-04-21 10:24

- 01155072 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\mshtmlmedia.dll
2015-05-12 14:49 - 2015-04-21 10:17

- 12828672 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\ieframe.dll
2015-05-12 14:49 - 2015-04-21 10:15

- 01547264 _____ (Microsoft

Corporation) C:\Windows

\system32\urlmon.dll
2015-05-12 14:49 - 2015-04-21 10:03

- 00800768 _____ (Microsoft

Corporation) C:\Windows

\system32\ieapfltr.dll
2015-05-12 14:49 - 2015-04-21 10:02

- 01882112 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\wininet.dll
2015-05-12 14:49 - 2015-04-21 09:58

- 01310208 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\urlmon.dll
2015-05-12 14:49 - 2015-04-21 09:56

- 00710144 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\ieapfltr.dll
2015-05-12 14:49 - 2015-04-17 22:10

- 00460800 _____ (Microsoft

Corporation) C:\Windows

\system32\certcli.dll
2015-05-12 14:49 - 2015-04-17 21:56

- 00342016 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\certcli.dll
2015-05-12 14:49 - 2015-04-12 22:28

- 00328704 _____ (Microsoft

Corporation) C:\Windows

\system32\services.exe
2015-05-12 14:48 - 2015-04-27 14:28

- 05569984 _____ (Microsoft

Corporation) C:\Windows

\system32\ntoskrnl.exe
2015-05-12 14:48 - 2015-04-27 14:28

- 00155584 _____ (Microsoft

Corporation) C:\Windows

\system32\Drivers\ksecpkg.sys
2015-05-12 14:48 - 2015-04-27 14:28

- 00095680 _____ (Microsoft

Corporation) C:\Windows

\system32\Drivers\ksecdd.sys
2015-05-12 14:48 - 2015-04-27 14:26

- 01728960 _____ (Microsoft

Corporation) C:\Windows

\system32\ntdll.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 01461760 _____ (Microsoft

Corporation) C:\Windows

\system32\lsasrv.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 01254400 _____ (Microsoft

Corporation) C:\Windows

\system32\diagtrack.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 01162752 _____ (Microsoft

Corporation) C:\Windows

\system32\kernel32.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00879104 _____ (Microsoft

Corporation) C:\Windows

\system32\tdh.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00879104 _____ (Microsoft

Corporation) C:\Windows

\system32\advapi32.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00728064 _____ (Microsoft

Corporation) C:\Windows

\system32\kerberos.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00503808 _____ (Microsoft

Corporation) C:\Windows

\system32\srcore.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00424448 _____ (Microsoft

Corporation) C:\Windows

\system32\KernelBase.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00362496 _____ (Microsoft

Corporation) C:\Windows

\system32\wow64win.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00314880 _____ (Microsoft

Corporation) C:\Windows

\system32\msv1_0.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00309760 _____ (Microsoft

Corporation) C:\Windows

\system32\ncrypt.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00243712 _____ (Microsoft

Corporation) C:\Windows

\system32\wow64.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00215040 _____ (Microsoft

Corporation) C:\Windows

\system32\winsrv.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00210944 _____ (Microsoft

Corporation) C:\Windows

\system32\wdigest.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00136192 _____ (Microsoft

Corporation) C:\Windows

\system32\sspicli.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00113664 _____ (Microsoft

Corporation) C:\Windows

\system32\sechost.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00086528 _____ (Microsoft

Corporation) C:\Windows

\system32\TSpkg.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00050176 _____ (Microsoft

Corporation) C:\Windows

\system32\srclient.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00043520 _____ (Microsoft

Corporation) C:\Windows

\system32\csrsrv.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00029184 _____ (Microsoft

Corporation) C:\Windows

\system32\sspisrv.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00028160 _____ (Microsoft

Corporation) C:\Windows

\system32\secur32.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00022016 _____ (Microsoft

Corporation) C:\Windows

\system32\credssp.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00016384 _____ (Microsoft

Corporation) C:\Windows

\system32\ntvdm64.dll
2015-05-12 14:48 - 2015-04-27 14:23

- 00013312 _____ (Microsoft

Corporation) C:\Windows

\system32\wow64cpu.dll
2015-05-12 14:48 - 2015-04-27 14:22

- 00404992 _____ (Microsoft

Corporation) C:\Windows

\system32\tracerpt.exe
2015-05-12 14:48 - 2015-04-27 14:22

- 00338432 _____ (Microsoft

Corporation) C:\Windows

\system32\conhost.exe
2015-05-12 14:48 - 2015-04-27 14:22

- 00296960 _____ (Microsoft

Corporation) C:\Windows

\system32\rstrui.exe
2015-05-12 14:48 - 2015-04-27 14:22

- 00112640 _____ (Microsoft

Corporation) C:\Windows

\system32\smss.exe
2015-05-12 14:48 - 2015-04-27 14:22

- 00104448 _____ (Microsoft

Corporation) C:\Windows

\system32\logman.exe
2015-05-12 14:48 - 2015-04-27 14:22

- 00047104 _____ (Microsoft

Corporation) C:\Windows

\system32\typeperf.exe
2015-05-12 14:48 - 2015-04-27 14:22

- 00043008 _____ (Microsoft

Corporation) C:\Windows

\system32\relog.exe
2015-05-12 14:48 - 2015-04-27 14:22

- 00031232 _____ (Microsoft

Corporation) C:\Windows

\system32\lsass.exe
2015-05-12 14:48 - 2015-04-27 14:22

- 00019456 _____ (Microsoft

Corporation) C:\Windows

\system32\diskperf.exe
2015-05-12 14:48 - 2015-04-27 14:21

- 00064000 _____ (Microsoft

Corporation) C:\Windows

\system32\auditpol.exe
2015-05-12 14:48 - 2015-04-27 14:18

- 00146432 _____ (Microsoft

Corporation) C:\Windows

\system32\msaudite.dll
2015-05-12 14:48 - 2015-04-27 14:18

- 00060416 _____ (Microsoft

Corporation) C:\Windows

\system32\msobjs.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00686080 _____ (Microsoft

Corporation) C:\Windows

\system32\adtschema.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00006656 _____ (Microsoft

Corporation) C:\Windows

\system32\apisetschema.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00006144 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-security-base-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00005120 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-file-l1-1-

0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00004608 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

threadpool-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00004608 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

processthreads-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00004096 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-sysinfo-l1

-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00004096 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-synch-l1-

1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00004096 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

localregistry-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00004096 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

localization-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

rtlsupport-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

processenvironment-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

namedpipe-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-misc-l1-1

-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-memory-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

libraryloader-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-heap-l1-1

-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-xstate-l1

-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-util-l1-1-

0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-string-l1-

1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-profile-l1

-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-io-l1-1-

0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

interlocked-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-handle-l1

-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-fibers-l1-

1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

errorhandling-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-

delayload-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-debug-l1

-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-datetime-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\system32\api-ms-win-core-console-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:11

- 03989440 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\ntkrnlpa.exe
2015-05-12 14:48 - 2015-04-27 14:11

- 03934144 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\ntoskrnl.exe
2015-05-12 14:48 - 2015-04-27 14:08

- 01310744 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\ntdll.dll
2015-05-12 14:48 - 2015-04-27 14:05

- 00635392 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\tdh.dll
2015-05-12 14:48 - 2015-04-27 14:05

- 00259584 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\msv1_0.dll
2015-05-12 14:48 - 2015-04-27 14:05

- 00221184 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\ncrypt.dll
2015-05-12 14:48 - 2015-04-27 14:05

- 00172032 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\wdigest.dll
2015-05-12 14:48 - 2015-04-27 14:05

- 00092160 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\sechost.dll
2015-05-12 14:48 - 2015-04-27 14:05

- 00065536 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\TSpkg.dll
2015-05-12 14:48 - 2015-04-27 14:05

- 00043008 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\srclient.dll
2015-05-12 14:48 - 2015-04-27 14:05

- 00022016 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\secur32.dll
2015-05-12 14:48 - 2015-04-27 14:05

- 00014336 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\ntvdm64.dll
2015-05-12 14:48 - 2015-04-27 14:04

- 00641536 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\advapi32.dll
2015-05-12 14:48 - 2015-04-27 14:04

- 00550912 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\kerberos.dll
2015-05-12 14:48 - 2015-04-27 14:04

- 00364544 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\tracerpt.exe
2015-05-12 14:48 - 2015-04-27 14:04

- 00082944 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\logman.exe
2015-05-12 14:48 - 2015-04-27 14:04

- 00040448 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\typeperf.exe
2015-05-12 14:48 - 2015-04-27 14:04

- 00037888 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\relog.exe
2015-05-12 14:48 - 2015-04-27 14:04

- 00025600 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\setup16.exe
2015-05-12 14:48 - 2015-04-27 14:04

- 00017408 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\credssp.dll
2015-05-12 14:48 - 2015-04-27 14:03

- 01114112 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\kernel32.dll
2015-05-12 14:48 - 2015-04-27 14:03

- 00274944 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\KernelBase.dll
2015-05-12 14:48 - 2015-04-27 14:03

- 00096768 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\sspicli.dll
2015-05-12 14:48 - 2015-04-27 14:03

- 00050176 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\auditpol.exe
2015-05-12 14:48 - 2015-04-27 14:03

- 00017408 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\diskperf.exe
2015-05-12 14:48 - 2015-04-27 14:03

- 00005120 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\wow32.dll
2015-05-12 14:48 - 2015-04-27 14:01

- 00146432 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\msaudite.dll
2015-05-12 14:48 - 2015-04-27 14:01

- 00060416 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\msobjs.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00686080 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\adtschema.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00006656 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\apisetschema.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00005120 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-file-l1-1

-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00004608 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

processthreads-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00004096 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-sysinfo-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00004096 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-synch-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00004096 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-misc-l1

-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00004096 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

localregistry-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00004096 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

localization-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

processenvironment-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

namedpipe-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

memory-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

libraryloader-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

interlocked-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-heap-l1

-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-string-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

rtlsupport-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-profile-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-io-l1-1-

0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-handle-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-fibers-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

errorhandling-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

delayload-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-debug-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

datetime-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

console-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:06

- 00036864 _____ (Microsoft

Corporation) C:\Windows

\system32\UtcResources.dll
2015-05-12 14:48 - 2015-04-27 12:57

- 00007680 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\instnm.exe
2015-05-12 14:48 - 2015-04-27 12:57

- 00002048 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\user.exe
2015-05-12 14:48 - 2015-04-27 12:55

- 00006144 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-security-

base-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 12:55

- 00004608 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-

threadpool-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 12:55

- 00003584 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-xstate-

l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 12:55

- 00003072 ____H (Microsoft

Corporation) C:\Windows

\SysWOW64\api-ms-win-core-util-l1-

1-0.dll
2015-05-12 14:48 - 2015-04-19 22:17

- 01647104 _____ (Microsoft

Corporation) C:\Windows

\system32\DWrite.dll
2015-05-12 14:48 - 2015-04-19 22:17

- 01179136 _____ (Microsoft

Corporation) C:\Windows

\system32\FntCache.dll
2015-05-12 14:48 - 2015-04-19 21:56

- 01250816 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\DWrite.dll
2015-05-12 14:48 - 2015-04-19 21:11

- 03204608 _____ (Microsoft

Corporation) C:\Windows

\system32\win32k.sys
2015-05-12 14:48 - 2015-04-07 22:29

- 00275456 _____ (Microsoft

Corporation) C:\Windows

\system32\InkEd.dll
2015-05-12 14:48 - 2015-04-07 22:29

- 00024576 _____ (Microsoft

Corporation) C:\Windows

\system32\jnwmon.dll
2015-05-12 14:48 - 2015-04-07 22:14

- 00216064 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\InkEd.dll
2015-05-12 14:48 - 2015-03-03 23:41

- 00342016 _____ (Microsoft

Corporation) C:\Windows

\system32\apphelp.dll
2015-05-12 14:48 - 2015-03-03 23:41

- 00072192 _____ (Microsoft

Corporation) C:\Windows

\system32\aelupsvc.dll
2015-05-12 14:48 - 2015-03-03 23:41

- 00023552 _____ (Microsoft

Corporation) C:\Windows

\system32\sdbinst.exe
2015-05-12 14:48 - 2015-03-03 23:41

- 00006656 _____ (Microsoft

Corporation) C:\Windows

\system32\shimeng.dll
2015-05-12 14:48 - 2015-03-03 23:11

- 00005120 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\shimeng.dll
2015-05-12 14:48 - 2015-03-03 23:10

- 00295936 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\apphelp.dll
2015-05-12 14:48 - 2015-03-03 23:10

- 00020992 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\sdbinst.exe
2015-05-12 14:48 - 2015-02-18 02:06

- 00123904 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\poqexec.exe
2015-05-12 14:48 - 2015-02-18 02:04

- 00142336 _____ (Microsoft

Corporation) C:\Windows

\system32\poqexec.exe
2015-05-12 14:48 - 2015-01-28 22:19

- 02543104 _____ (Microsoft

Corporation) C:\Windows

\system32\wpdshext.dll
2015-05-12 14:48 - 2015-01-28 22:02

- 02311168 _____ (Microsoft

Corporation) C:\Windows

\SysWOW64\wpdshext.dll
2015-05-11 22:02 - 2015-05-11 22:02

- 00000298 _____ () C:\Users

\Sinnfamily\Desktop\parking.txt
2015-05-09 23:33 - 2015-05-09 23:33

- 00000488 _____ () C:\Users

\Sinnfamily\Desktop\setup for

Heather.txt
2015-05-07 19:04 - 2015-05-15 04:21

- 00020716 _____ () C:\Users

\Sinnfamily\Desktop\planning.ods
2015-05-07 15:32 - 2015-05-07 15:32

- 00188416 _____ () C:\Users

\Sinnfamily\Desktop\certificate-of-

participation-1.pot
2015-04-27 10:01 - 2015-04-27 10:01

- 00000049 _____ () C:\Users

\Sinnfamily\Desktop\link to JSA

womans page.txt

==================== One

Month Modified files and folders

========

(If an entry is included in the fixlist,

the file/folder will be moved.)

2015-05-22 21:49 - 2011-09-21 15:49

- 00000898 _____ () C:\Windows

\Tasks

\GoogleUpdateTaskMachineUA.job
2015-05-22 21:10 - 2014-12-31 22:06

- 00000348 _____ () C:\Windows

\Tasks\HP Photo Creations

Communicator.job
2015-05-22 21:00 - 2013-06-13 11:32

- 00000830 _____ () C:\Windows

\Tasks\Adobe Flash Player

Updater.job
2015-05-22 20:59 - 2011-02-15 13:35

- 00000928 _____ () C:\Windows

\Tasks\GoogleUpdateTaskUserS-1-5-

21-2643768202-156854014-

2583388340-1001UA.job
2015-05-22 20:46 - 2009-11-26 12:46

- 01296714 _____ () C:\Windows

\WindowsUpdate.log
2015-05-22 18:20 - 2010-03-28 20:32

- 00000000 ____D () C:\Users

\Sinnfamily\Desktop\Michelle stuff
2015-05-22 16:17 - 2009-07-13 23:45

- 00018736 ____H () C:\Windows

\system32\7B296FB0-376B-497e-

B012-9C450E1B7327-5P-1.C7483456

-A289-439d-8115-601632D005A0
2015-05-22 16:17 - 2009-07-13 23:45

- 00018736 ____H () C:\Windows

\system32\7B296FB0-376B-497e-

B012-9C450E1B7327-5P-0.C7483456

-A289-439d-8115-601632D005A0
2015-05-22 16:14 - 2009-07-14 00:13

- 00782510 _____ () C:\Windows

\system32\PerfStringBackup.INI
2015-05-22 16:10 - 2013-03-20 10:23

- 00000412 _____ () C:\Windows

\Tasks

\FreeFileViewerUpdateChecker.job
2015-05-22 16:10 - 2011-09-21 15:49

- 00000894 _____ () C:\Windows

\Tasks

\GoogleUpdateTaskMachineCore.job
2015-05-22 16:09 - 2009-07-14 00:08

- 00000006 ____H () C:\Windows

\Tasks\SA.DAT
2015-05-22 15:54 - 2011-02-15 13:35

- 00000876 _____ () C:\Windows

\Tasks\GoogleUpdateTaskUserS-1-5-

21-2643768202-156854014-

2583388340-1001Core.job
2015-05-21 19:58 - 2009-12-20 10:43

- 00000000 ____D () C:\Users

\Sinnfamily\AppData\Roaming\Adobe
2015-05-21 06:23 - 2011-11-11 21:22

- 00000114 _____ () C:\Users

\Sinnfamily\jobq.dat
2015-05-21 06:22 - 2015-01-29 23:21

- 00000000 ____D () C:\Users

\Sinnfamily\Desktop\2015 SIS
2015-05-21 06:18 - 2011-04-11 23:59

- 00000000 ____D () C:\Users

\Sinnfamily\Desktop\Family tree
2015-05-21 06:17 - 2014-01-17 20:26

- 00000000 ____D () C:\Users

\Sinnfamily\Desktop\SIS 2014
2015-05-21 06:17 - 2010-12-11 22:17

- 00000000 ____D () C:\Users

\Sinnfamily\Desktop\BBR handouts &

interview stuff
2015-05-20 19:48 - 2010-09-17 22:46

- 00000000 ____D () C:\Users

\Sinnfamily\Desktop\New folder
2015-05-20 16:41 - 2010-09-30 09:14

- 00000000 ____D () C:\ProgramData

\MFAData
2015-05-20 16:13 - 2011-04-09 20:27

- 00000000 ____D () C:\Windows

\RegisteredPackages
2015-05-20 16:12 - 2014-02-16 13:40

- 00000000 ____D () C:\Program

Files\Conduit
2015-05-20 16:12 - 2014-02-16 13:40

- 00000000 ____D () C:\Program Files

(x86)\Conduit
2015-05-20 15:34 - 2012-01-01 11:18

- 00000000 ____D () C:\Windows\pss
2015-05-20 10:32 - 2014-12-13 20:32

- 00000352 _____ () C:\Windows

\Tasks

\HPCeeScheduleForSinnfamily.job
2015-05-20 09:45 - 2011-01-10 18:38

- 00000000 ____D () C:\Users

\Sinnfamily\AppData\Roaming\Skype
2015-05-20 09:45 - 2009-12-21 17:00

- 00000000 ____D () C:\Users

\Sinnfamily\AppData\Roaming

\HpUpdate
2015-05-20 09:45 - 2009-08-21 14:36

- 00000000 ____D () C:\ProgramData

\Temp
2015-05-20 09:45 - 2009-07-13 22:20

- 00000000 ____D () C:\Windows

\system32\sysprep
2015-05-20 09:40 - 2012-10-06 19:07

- 00000000 ____D () C:\ProgramData

\AVG
2015-05-20 09:39 - 2011-11-04 00:29

- 00000000 ____D () C:\Users

\Sinnfamily\AppData\Roaming\AVG
2015-05-20 09:39 - 2010-02-21 19:42

- 00000000 ____D () C:\Program Files

(x86)\AVG
2015-05-20 08:10 - 2014-12-13 20:32

- 00003216 _____ () C:\Windows

\System32\Tasks

\HPCeeScheduleForSinnfamily
2015-05-20 07:56 - 2009-07-14 00:08

- 00032560 _____ () C:\Windows

\Tasks\SCHEDLGU.TXT
2015-05-19 18:32 - 2012-04-08 14:23

- 00000000 ____D () C:\Users

\Sinnfamily\Desktop\BBR2012
2015-05-19 18:10 - 2015-04-05 03:01

- 00000000 ___SD () C:\Windows

\SysWOW64\GWX
2015-05-19 18:10 - 2015-04-05 03:01

- 00000000 ___SD () C:\Windows

\system32\GWX
2015-05-18 15:30 - 2011-04-09 20:27

- 00000000 ____D () C:\Users

\Sinnfamily\Documents\Family Tree

Maker
2015-05-17 04:54 - 2011-02-15 13:35

- 00003908 _____ () C:\Windows

\System32\Tasks

\GoogleUpdateTaskUserS-1-5-21-

2643768202-156854014-2583388340

-1001UA
2015-05-17 04:54 - 2011-02-15 13:35

- 00003512 _____ () C:\Windows

\System32\Tasks

\GoogleUpdateTaskUserS-1-5-21-

2643768202-156854014-2583388340

-1001Core
2015-05-17 04:28 - 2014-02-14 21:27

- 00000000 ____D () C:\Program Files

(x86)\Mozilla Maintenance Service
2015-05-16 19:27 - 2015-03-01 00:55

- 00000052 _____ () C:\Windows

\SysWOW64\DOErrors.log
2015-05-15 15:44 - 2011-09-21 15:49

- 00003894 _____ () C:\Windows

\System32\Tasks

\GoogleUpdateTaskMachineUA
2015-05-15 15:44 - 2011-09-21 15:49

- 00003642 _____ () C:\Windows

\System32\Tasks

\GoogleUpdateTaskMachineCore
2015-05-13 06:53 - 2009-07-13 22:20

- 00000000 ____D () C:\Windows

\rescache
2015-05-13 03:36 - 2009-07-13 23:45

- 00359008 _____ () C:\Windows

\system32\FNTCACHE.DAT
2015-05-13 03:35 - 2013-03-14 03:01

- 00000000 ____D () C:\Program

Files\Microsoft Silverlight
2015-05-13 03:35 - 2013-03-14 03:01

- 00000000 ____D () C:\Program Files

(x86)\Microsoft Silverlight
2015-05-13 03:32 - 2009-07-14 02:45

- 00000000 ____D () C:\Program

Files\Windows Journal
2015-05-13 03:32 - 2009-07-13 22:20

- 00000000 ____D () C:\Windows

\system32\AdvancedInstallers
2015-05-13 03:13 - 2013-08-01 03:05

- 00000000 ____D () C:\Windows

\system32\MRT
2015-05-13 03:08 - 2009-12-23 06:44

- 140425016 _____ (Microsoft

Corporation) C:\Windows

\system32\MRT.exe
2015-05-13 03:03 - 2013-03-14 03:02

- 00000000 ____D () C:\ProgramData

\Microsoft\Windows\Start Menu

\Programs\Microsoft Silverlight
2015-05-11 08:30 - 2012-08-08 23:54

- 00000000 ____D () C:\Users

\Sinnfamily\Desktop\Newletter
2015-05-04 09:08 - 2010-01-14 19:11

- 00000000 ____D () C:\Users

\Sinnfamily\Desktop\Bills paid
2015-05-04 08:23 - 2009-07-13 22:20

- 00000000 ____D () C:\Windows

\system32\NDF
2015-05-04 07:48 - 2010-04-20 06:30

- 00000000 ____D () C:\Users

\Sinnfamily\Desktop\Scot's stuff
2015-05-04 07:46 - 2009-12-20 13:58

- 00029720 _____ () C:\Users

\Sinnfamily\AppData\Roaming

\wklnhst.dat
2015-04-30 16:38 - 2009-12-20 18:16

- 00000552 _____ () C:\Windows

\Tasks

\PCDRScheduledMaintenance.job
2015-04-30 07:06 - 2014-03-31 12:52

- 00000000 ____D () C:\ProgramData

\Microsoft\Windows\Start Menu

\Programs\AVG
2015-04-27 11:37 - 2013-10-22 08:27

- 00000000 ____D () C:\ProgramData

\Oracle
2015-04-27 11:37 - 2010-04-02 05:20

- 00000000 ____D () C:\Program Files

(x86)\Java
2015-04-27 11:36 - 2014-10-20 16:51

- 00098216 _____ (Oracle

Corporation) C:\Windows

\SysWOW64\WindowsAccessBridge-

32.dll

==================== Files

in the root of some directories

=======

2014-11-28 06:27 - 2015-03-12 23:04

- 0000115 _____ () C:\Users

\Sinnfamily\AppData\Roaming

\LogFile.txt
2009-12-20 13:58 - 2015-05-04 07:46

- 0029720 _____ () C:\Users

\Sinnfamily\AppData\Roaming

\wklnhst.dat
2011-10-04 16:39 - 2014-03-11 08:40

- 0123098 _____ () C:\Users

\Sinnfamily\AppData\Local\ars.cache
2011-10-04 16:39 - 2014-03-11 08:40

- 1687450 _____ () C:\Users

\Sinnfamily\AppData\Local

\census.cache
2010-01-21 22:06 - 2010-01-21 22:06

- 0000036 _____ () C:\Users

\Sinnfamily\AppData\Local

\housecall.guid.cache
2011-11-04 15:30 - 2012-03-02 15:37

- 0007616 _____ () C:\Users

\Sinnfamily\AppData\Local

\Resmon.ResmonCfg
2014-03-11 08:09 - 2014-03-11 08:09

- 0000010 _____ () C:\Users

\Sinnfamily\AppData\Local

\sponge.last.runtime.cache
2012-07-02 13:31 - 2012-07-02 13:31

- 2799039 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp008.JPG
2012-08-06 12:29 - 2012-08-06 12:30

- 2124933 _____ () C:\Users

\Sinnfamily\AppData\Local\tmp1.JPG
2011-03-22 12:37 - 2011-03-22 12:37

- 0083509 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp162721_1808201247450_1312501

035_2079019_43889_N[1].JPG
2011-08-23 20:28 - 2011-08-23 20:28

- 0014004 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp168319_1869646863991_1325676

592_2419376_8148056_N.JPG
2012-04-18 11:45 - 2012-04-18 11:45

- 1242447 _____ () C:\Users

\Sinnfamily\AppData\Local\tmp2012-

04-17_21-38-59_182.0
2012-04-18 11:45 - 2012-04-18 11:45

- 0499522 _____ () C:\Users

\Sinnfamily\AppData\Local\tmp2012-

04-17_21-38-59_182.JPG
2012-10-23 11:40 - 2012-10-23 11:40

- 1284650 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp20120205PARADE AWARD0001.0
2012-10-23 11:40 - 2012-10-23 11:40

- 0833582 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp20120205PARADE

AWARD0001.JPG
2011-05-08 17:02 - 2011-05-08 17:02

- 0012434 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp222240_158756360853195_10000

1564965041_380420_6001237_N.JPG
2011-06-18 23:29 - 2011-06-18 23:29

- 0276955 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp257237_117407341680488_10000

2336692814_156079_3039679_O.0
2011-06-18 23:29 - 2011-06-18 23:29

- 0247997 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp257237_117407341680488_10000

2336692814_156079_3039679_O.JPG
2012-10-28 12:49 - 2012-10-28 12:49

- 0040236 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp2B98A1C0D66B.JPG
2012-07-23 17:15 - 2012-07-23 17:15

- 0042681 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp530065_10151032695518389_150

0591922_N.JPG
2011-10-04 09:19 - 2011-10-04 09:19

- 0105908 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp533706_DEFAULT.JPG
2011-03-22 12:30 - 2011-03-22 12:30

- 0044793 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp6776_1225016944450_119979888

0_30669952_5465887_N[1].JPG
2012-03-04 15:59 - 2012-03-04 15:59

- 0007307 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp70760_100000487607807_190706

0964_N.0
2012-03-04 15:59 - 2012-03-04 15:59

- 0007478 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp70760_100000487607807_190706

0964_N.1
2012-03-04 15:59 - 2012-03-04 15:59

- 0007635 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmp70760_100000487607807_190706

0964_N.JPG
2012-08-08 12:22 - 2012-08-08 12:22

- 0145542 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpBO0222.JPG
2010-06-14 19:30 - 2010-06-14 19:30

- 3815225 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpCURIOSITY[1].0
2010-06-14 19:30 - 2010-06-14 19:30

- 0749501 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpCURIOSITY[1].JPG
2012-08-12 10:03 - 2012-08-12 10:03

- 0078042 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDFJJDAYS.0
2012-08-12 10:03 - 2012-08-12 10:03

- 0073577 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDFJJDAYS.JPG
2012-08-04 13:50 - 2012-08-04 13:50

- 3744944 _____ () C:\Users

\Sinnfamily\AppData\Local\tmpDOTTY

2.JPG
2012-04-29 15:45 - 2012-04-29 15:45

- 3795290 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0066.JPG
2012-04-29 15:46 - 2012-04-29 15:46

- 4073377 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0067.JPG
2012-04-29 15:48 - 2012-04-29 15:48

- 3826196 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0068.JPG
2012-04-29 16:15 - 2012-04-29 16:15

- 3979096 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0069.JPG
2012-04-29 16:16 - 2012-04-29 16:16

- 3860447 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0071.JPG
2012-06-07 20:05 - 2012-06-07 20:05

- 1324937 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0113.0
2012-06-07 20:05 - 2012-06-07 20:05

- 1134693 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0113.JPG
2012-06-07 20:06 - 2012-06-07 20:10

- 1169968 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0114.0
2012-06-07 20:10 - 2012-06-07 20:10

- 1165070 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0114.JPG
2012-06-07 20:07 - 2012-06-07 20:07

- 1132928 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0115.0
2012-06-07 20:07 - 2012-06-07 20:07

- 1466839 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0115.JPG
2012-06-07 20:03 - 2012-06-07 20:03

- 1344625 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0121.0
2012-06-07 20:03 - 2012-06-07 20:03

- 0922643 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0121.JPG
2012-06-07 20:02 - 2012-06-07 20:02

- 1354697 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0126.0
2012-06-07 20:02 - 2012-06-07 20:02

- 0861878 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0126.JPG
2012-06-07 23:55 - 2012-06-07 23:55

- 3874104 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0129.JPG
2012-06-07 23:56 - 2012-06-07 23:56

- 0293557 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0129_CROP.JPG
2012-07-30 23:17 - 2012-07-30 23:17

- 3818272 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0222.0
2012-07-30 23:17 - 2012-07-30 23:17

- 1247679 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0222.1
2012-07-30 23:17 - 2012-07-30 23:17

- 1317022 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0222.JPG
2012-07-30 23:18 - 2012-07-30 23:18

- 3680209 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0223.0
2012-07-30 23:18 - 2012-07-30 23:18

- 1890416 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0223.JPG
2012-07-30 23:20 - 2012-07-30 23:20

- 4060088 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0224.0
2012-07-30 23:20 - 2012-07-30 23:20

- 1670553 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0224.JPG
2012-07-30 23:21 - 2012-07-30 23:21

- 3876040 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0225.0
2012-07-30 23:21 - 2012-07-30 23:21

- 1243214 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0225.JPG
2012-07-30 23:15 - 2012-07-30 23:15

- 3911025 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0228.0
2012-07-30 23:15 - 2012-07-30 23:15

- 1859570 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0228.JPG
2012-07-30 23:13 - 2012-07-30 23:13

- 3925542 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0230.0
2012-07-30 23:13 - 2012-07-30 23:13

- 1701643 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0230.JPG
2012-07-30 23:14 - 2012-07-30 23:14

- 3777079 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0231.0
2012-07-30 23:14 - 2012-07-30 23:14

- 1903590 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0231.JPG
2012-12-16 13:17 - 2012-12-16 13:17

- 2699209 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0423.0
2012-12-16 13:17 - 2012-12-16 13:17

- 0981494 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0423.JPG
2012-12-16 13:16 - 2012-12-16 13:16

- 2344082 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0427.JPG
2013-06-15 18:54 - 2013-06-15 18:54

- 3845545 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0646.JPG
2013-06-15 18:55 - 2013-06-15 18:55

- 3825319 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0648.JPG
2013-06-15 18:55 - 2013-06-15 18:55

- 3655438 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0654.JPG
2013-06-15 18:52 - 2013-06-15 18:52

- 3813732 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0657.JPG
2013-06-15 18:53 - 2013-06-15 18:53

- 3520275 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0661.JPG
2013-06-15 18:50 - 2013-06-15 18:50

- 3700495 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0662.JPG
2013-06-23 09:23 - 2013-06-23 09:23

- 3881342 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0669.JPG
2013-06-23 09:12 - 2013-06-23 09:12

- 4069139 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0683.JPG
2013-06-23 09:01 - 2013-06-23 09:01

- 3776503 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0692.JPG
2013-06-23 09:09 - 2013-06-23 09:09

- 3918280 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0693.JPG
2013-06-23 09:11 - 2013-06-23 09:11

- 4029641 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0694.JPG
2013-06-23 09:08 - 2013-06-23 09:08

- 3801721 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0695.JPG
2013-06-23 09:03 - 2013-06-23 09:03

- 4034112 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0696.0
2013-06-23 09:03 - 2013-06-23 09:03

- 1620362 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0696.JPG
2013-06-23 09:15 - 2013-06-23 09:15

- 3963372 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0699.JPG
2013-06-23 09:16 - 2013-06-23 09:16

- 3879562 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0700.JPG
2013-07-08 07:39 - 2013-07-08 07:39

- 4196228 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0709.JPG
2013-07-21 19:46 - 2013-07-21 19:46

- 3824830 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0757.JPG
2013-07-21 19:59 - 2013-07-21 19:59

- 4239298 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0766.JPG
2013-07-21 19:55 - 2013-07-21 19:55

- 3935137 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0775.0
2013-07-21 19:55 - 2013-07-21 19:55

- 1589176 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0775.JPG
2013-07-21 19:58 - 2013-07-21 19:58

- 3579938 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0777.0
2013-07-21 19:58 - 2013-07-21 19:58

- 1970441 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0777.JPG
2013-07-21 19:48 - 2013-07-21 19:48

- 3807746 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0779.0
2013-07-21 19:48 - 2013-07-21 19:48

- 1027164 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0779.JPG
2013-08-08 22:59 - 2013-08-08 22:59

- 3565728 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0824.JPG
2012-10-21 13:52 - 2012-10-21 13:52

- 2325452 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF0878.JPG
2010-01-16 21:18 - 2010-01-16 21:18

- 2048379 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1417.JPG
2010-07-10 09:40 - 2010-07-10 09:40

- 1265628 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1469.JPG
2010-05-31 07:57 - 2010-05-31 07:57

- 1277265 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1487.JPG
2010-05-31 07:42 - 2010-05-31 07:42

- 1272013 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1541.JPG
2010-06-06 09:18 - 2010-06-06 09:18

- 1263599 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1549.JPG
2010-06-06 09:20 - 2010-06-06 09:20

- 1301262 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1551.JPG
2010-06-06 09:22 - 2010-06-06 09:22

- 1306984 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1553.0
2010-06-06 09:22 - 2010-06-06 09:22

- 0547400 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1553.JPG
2010-06-06 09:23 - 2010-06-06 09:23

- 1309557 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1557.0
2010-06-06 09:23 - 2010-06-06 09:23

- 0473630 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1557.JPG
2010-06-06 09:25 - 2010-06-06 09:25

- 1267254 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1565.0
2010-06-06 09:25 - 2010-06-06 09:25

- 0594259 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1565.JPG
2010-06-06 09:27 - 2010-06-06 09:27

- 1339875 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1568.0
2010-06-06 09:27 - 2010-06-06 09:27

- 0520586 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1568.JPG
2010-06-06 09:29 - 2010-06-06 09:29

- 1280711 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1569.0
2010-06-06 09:29 - 2010-06-06 09:29

- 0518193 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1569.JPG
2010-06-06 09:30 - 2010-06-06 09:30

- 1274621 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1570.0
2010-06-06 09:30 - 2010-06-06 09:30

- 0599313 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1570.JPG
2010-06-06 09:32 - 2010-06-06 09:32

- 1304661 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1572.0
2010-06-06 09:32 - 2010-06-06 09:32

- 0564461 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1572.JPG
2010-06-06 09:33 - 2010-06-06 09:33

- 1300830 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1578.JPG
2010-08-22 20:39 - 2010-08-22 20:39

- 0121084 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1640.JPG
2010-08-22 20:44 - 2010-08-22 20:44

- 0117011 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1644.JPG
2010-08-22 20:41 - 2010-08-22 20:41

- 0117101 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1654.JPG
2010-08-30 11:06 - 2010-08-30 11:06

- 0122993 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1695.0
2010-08-30 11:06 - 2010-08-30 11:06

- 0060817 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1695.JPG
2010-09-06 18:15 - 2010-09-06 18:15

- 0124348 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1714.0
2010-09-06 18:15 - 2010-09-06 18:15

- 0108811 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1714.JPG
2010-09-06 18:22 - 2010-09-06 18:22

- 0118396 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1739.JPG
2010-09-06 18:20 - 2010-09-06 18:20

- 0118228 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1742.JPG
2010-09-06 18:21 - 2010-09-06 18:21

- 0114721 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1743.0
2010-09-06 18:21 - 2010-09-06 18:21

- 0041374 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1743.JPG
2010-09-06 18:19 - 2010-09-06 18:19

- 0118885 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1744.0
2010-09-06 18:19 - 2010-09-06 18:19

- 0045942 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1744.JPG
2010-09-07 12:21 - 2010-09-07 12:21

- 0120370 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1745.0
2010-09-07 12:21 - 2010-09-07 12:21

- 0052945 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1745.JPG
2010-09-07 12:24 - 2010-09-07 12:24

- 0114235 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1747.0
2010-09-07 12:24 - 2010-09-07 12:24

- 0040090 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1747.1
2010-09-07 12:24 - 2010-09-07 12:24

- 0041416 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1747.JPG
2010-10-03 18:18 - 2010-10-03 18:18

- 0119938 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1773.JPG
2010-12-19 18:29 - 2010-12-19 18:28

- 1293192 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1852.0
2010-12-19 18:29 - 2010-12-19 18:29

- 0614563 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1852.1
2010-12-19 18:29 - 2010-12-19 18:29

- 0614469 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1852.JPG
2010-12-19 18:27 - 2010-12-19 18:27

- 1280704 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1876.0
2010-12-19 18:27 - 2010-12-19 18:27

- 0580990 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1876.1
2010-12-19 18:27 - 2010-12-19 18:27

- 0580948 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1876.2
2010-12-19 18:27 - 2010-12-19 18:27

- 0580913 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1876.3
2010-12-19 18:27 - 2010-12-19 18:27

- 0580919 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1876.JPG
2010-12-24 22:15 - 2010-12-24 22:15

- 1305656 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1901.0
2010-12-24 22:15 - 2010-12-24 22:15

- 0567634 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1901.1
2010-12-24 22:16 - 2010-12-24 22:15

- 0567657 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1901.2
2010-12-24 22:16 - 2010-12-24 22:16

- 0567635 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1901.3
2010-12-24 22:16 - 2010-12-24 22:16

- 0567637 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1901.JPG
2010-12-24 22:14 - 2010-12-24 22:14

- 1277706 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1905.0
2010-12-24 22:14 - 2010-12-24 22:14

- 0599806 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1905.1
2010-12-24 22:14 - 2010-12-24 22:14

- 0599755 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1905.JPG
2011-01-07 00:56 - 2011-01-07 00:56

- 1284286 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1916.0
2011-01-07 00:56 - 2011-01-07 00:56

- 0611358 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1916.JPG
2011-02-05 01:04 - 2011-02-05 01:04

- 1306128 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1935.JPG
2011-02-05 01:06 - 2011-02-05 01:06

- 1310801 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1938.JPG
2011-02-05 01:07 - 2011-02-05 01:07

- 1283349 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1939.JPG
2011-02-05 01:09 - 2011-02-05 01:09

- 1268925 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1941.JPG
2011-02-05 01:10 - 2011-02-05 01:10

- 1267643 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1942.JPG
2011-02-05 01:11 - 2011-02-05 01:11

- 1284254 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1943.JPG
2011-02-05 01:13 - 2011-02-05 01:14

- 1301055 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1947.0
2011-02-05 01:14 - 2011-02-05 01:14

- 0466224 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1947.JPG
2011-02-05 01:15 - 2011-02-05 01:15

- 1293138 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1949.0
2011-02-05 01:15 - 2011-02-05 01:15

- 0472954 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1949.JPG
2011-02-05 01:16 - 2011-02-05 01:16

- 1259107 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1950.0
2011-02-05 01:17 - 2011-02-05 01:16

- 0437101 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1950.JPG
2011-02-05 01:17 - 2011-02-05 01:17

- 1282235 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1954.JPG
2011-02-05 01:19 - 2011-02-05 01:19

- 1308872 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1960.JPG
2011-02-13 17:34 - 2011-02-13 17:34

- 1271178 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1963.JPG
2011-02-13 17:35 - 2011-02-13 17:35

- 1276081 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1964.JPG
2011-02-13 17:36 - 2011-02-13 17:36

- 1279742 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1965.JPG
2011-02-13 17:42 - 2011-02-13 17:42

- 1292904 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1972.0
2011-02-13 17:42 - 2011-02-13 17:42

- 0595188 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1972.JPG
2011-02-15 22:00 - 2011-02-15 22:00

- 1294126 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1986.JPG
2011-02-24 22:24 - 2011-02-24 22:24

- 1307352 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1991.0
2011-02-24 22:24 - 2011-02-24 22:24

- 0549948 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1991.JPG
2011-03-06 17:46 - 2011-03-06 17:46

- 1318782 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF1997.JPG
2011-03-06 17:43 - 2011-03-06 17:43

- 1332932 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2002.0
2011-03-06 17:43 - 2011-03-06 17:43

- 0510210 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2002.JPG
2011-03-06 17:44 - 2011-03-06 17:44

- 1316416 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2003.JPG
2011-03-07 09:34 - 2011-03-07 09:33

- 1274890 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2004.0
2011-03-07 09:34 - 2011-03-07 09:34

- 0789483 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2004.JPG
2011-03-07 21:53 - 2011-03-07 21:53

- 1274885 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2005.JPG
2011-03-07 21:52 - 2011-03-07 21:52

- 1267421 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2010.JPG
2011-03-07 21:56 - 2011-03-07 21:56

- 1273974 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2011.JPG
2011-03-07 21:57 - 2011-03-07 21:57

- 1277302 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2013.JPG
2011-03-07 21:54 - 2011-03-07 21:54

- 1293404 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2017.JPG
2011-04-16 20:51 - 2011-04-16 20:51

- 1315581 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2025.JPG
2011-04-16 20:51 - 2011-04-16 20:51

- 1292080 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2026.JPG
2011-04-16 20:49 - 2011-04-16 20:49

- 1314801 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2035.0
2011-04-16 20:49 - 2011-04-16 20:49

- 0599006 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2035.JPG
2011-04-25 15:20 - 2011-04-25 15:20

- 1307596 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2112.JPG
2011-04-30 22:38 - 2011-04-30 22:38

- 1298066 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2136.JPG
2011-04-30 22:39 - 2011-04-30 22:39

- 1322262 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2138.JPG
2011-04-30 22:40 - 2011-04-30 22:40

- 1309634 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2139.JPG
2011-04-30 22:41 - 2011-04-30 22:41

- 1322904 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2140.JPG
2011-06-12 13:52 - 2011-06-12 13:52

- 1262679 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2169.JPG
2011-06-12 13:55 - 2011-06-12 13:55

- 1279366 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2177.JPG
2011-06-12 13:49 - 2011-06-12 13:49

- 1261334 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2180.JPG
2011-06-12 13:50 - 2011-06-12 13:50

- 1293257 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2182.JPG
2011-06-17 22:31 - 2011-06-17 22:31

- 1321172 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2183.0
2011-06-17 22:31 - 2011-06-17 22:31

- 0509959 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2183.JPG
2011-06-19 22:04 - 2011-06-19 22:04

- 0116703 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2187.JPG
2011-06-19 22:05 - 2011-06-19 22:05

- 0116082 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2190.JPG
2011-06-19 22:01 - 2011-06-19 22:01

- 0117748 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2193.JPG
2011-06-19 22:03 - 2011-06-19 22:03

- 0117035 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2197.JPG
2011-06-19 22:06 - 2011-06-19 22:06

- 0118663 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2200.JPG
2011-07-18 13:17 - 2011-07-18 13:17

- 0123013 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2229.0
2011-07-18 13:17 - 2011-07-18 13:17

- 0068474 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2229.JPG
2011-08-29 17:35 - 2011-08-29 17:35

- 0120964 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2385.JPG
2011-09-11 20:25 - 2011-09-11 20:25

- 0122540 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2393.JPG
2011-09-11 20:24 - 2011-09-11 20:24

- 0125335 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2395.JPG
2011-09-11 20:26 - 2011-09-11 20:26

- 0123971 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2398.JPG
2011-09-11 20:29 - 2011-09-11 20:29

- 0119387 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2405.JPG
2011-09-11 20:32 - 2011-09-11 20:32

- 0118672 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2421.JPG
2011-09-18 17:40 - 2011-09-18 17:40

- 1304426 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2449.JPG
2011-09-18 17:43 - 2011-09-18 17:43

- 1288406 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2458.JPG
2011-09-18 17:44 - 2011-09-18 17:44

- 1312647 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2459.JPG
2011-10-10 13:12 - 2011-10-10 13:12

- 1273619 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2582.JPG
2011-10-04 10:50 - 2011-10-04 10:50

- 1300377 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2616.0
2011-10-04 10:50 - 2011-10-04 10:50

- 0466372 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2616.JPG
2011-10-04 10:44 - 2011-10-04 10:44

- 1256158 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2623.0
2011-10-04 10:44 - 2011-10-04 10:44

- 0675864 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2623.JPG
2011-10-04 10:46 - 2011-10-04 10:46

- 1271643 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2625.0
2011-10-04 10:46 - 2011-10-04 10:47

- 1271643 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2625.JPG
2011-10-04 10:43 - 2011-10-04 10:43

- 1297844 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2629.0
2011-10-04 10:43 - 2011-10-04 10:43

- 0418412 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2629.JPG
2011-10-04 10:41 - 2011-10-04 10:41

- 1315743 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2632.0
2011-10-04 10:41 - 2011-10-04 10:41

- 0397200 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2632.JPG
2011-10-04 10:40 - 2011-10-04 10:40

- 1276351 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2633.JPG
2011-10-04 10:27 - 2011-10-04 10:27

- 1295723 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2654.0
2011-10-04 10:27 - 2011-10-04 10:27

- 0733257 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2654.JPG
2011-10-04 10:30 - 2011-10-04 10:30

- 1290307 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2655.0
2011-10-04 10:30 - 2011-10-04 10:30

- 0377537 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2655.JPG
2011-10-04 10:33 - 2011-10-04 10:33

- 1311450 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2658.JPG
2011-10-29 11:52 - 2011-10-29 11:52

- 1274442 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2812.0
2011-10-29 11:52 - 2011-10-29 11:52

- 0623965 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2812.JPG
2011-10-31 20:11 - 2011-10-31 20:11

- 1326983 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2817.JPG
2011-10-31 20:12 - 2011-10-31 20:12

- 1275600 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2819.JPG
2011-12-01 12:04 - 2011-12-01 12:04

- 1307556 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2829.0
2011-12-01 12:04 - 2011-12-01 12:04

- 0534391 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2829.JPG
2011-12-07 14:08 - 2011-12-07 14:08

- 1342024 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2837.0
2011-12-07 14:08 - 2011-12-07 14:08

- 0568931 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2837.JPG
2011-12-06 10:04 - 2011-12-06 10:04

- 1297713 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2843.0
2011-12-06 10:04 - 2011-12-06 10:04

- 0603624 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2843.JPG
2011-12-06 10:06 - 2011-12-06 10:06

- 1279630 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2845.0
2011-12-06 10:06 - 2011-12-06 10:06

- 0592591 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2845.JPG
2011-12-12 01:27 - 2011-12-12 01:27

- 1285879 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2945.JPG
2011-12-21 21:58 - 2011-12-21 21:58

- 1267066 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2964.JPG
2011-12-24 23:13 - 2011-12-24 23:13

- 1274787 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2968.JPG
2012-01-05 16:19 - 2012-01-05 16:19

- 1278695 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpDSCF2969.JPG
2011-04-13 10:47 - 2011-04-13 10:47

- 0119017 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpEPSON002.0
2011-04-13 10:47 - 2011-04-13 10:47

- 0141870 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpEPSON002.JPG
2011-04-14 18:15 - 2011-04-14 18:15

- 0208217 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpEPSON003[1].JPG
2011-03-11 18:43 - 2011-03-11 18:43

- 0947202 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpEXPO_004[1].JPG
2011-10-26 10:51 - 2011-10-26 10:51

- 0178994 _____ () C:\Users

\Sinnfamily\AppData\Local\tmpGRAVE

MARKER.0
2011-10-26 10:51 - 2011-10-26 10:51

- 0181324 _____ () C:\Users

\Sinnfamily\AppData\Local\tmpGRAVE

MARKER.1
2011-10-26 10:51 - 2011-10-26 10:51

- 0181741 _____ () C:\Users

\Sinnfamily\AppData\Local\tmpGRAVE

MARKER.JPG
2012-12-20 23:24 - 2012-12-20 23:24

- 0057715 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpHAPPYTAILS.JPG
2012-09-25 23:18 - 2012-09-25 23:18

- 2490355 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpHARVEY.JPG
2012-09-25 23:16 - 2012-09-25 23:16

- 0021924 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpHARVEYJ-2.0
2012-09-25 23:16 - 2012-09-25 23:16

- 0016735 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpHARVEYJ-2.JPG
2013-07-22 22:56 - 2013-07-22 22:56

- 0757371 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpHIBBING CABIN MAP030.0
2013-07-22 22:56 - 2013-07-22 22:56

- 1097356 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpHIBBING CABIN MAP030.1
2013-07-22 22:56 - 2013-07-22 22:56

- 1118480 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpHIBBING CABIN MAP030.JPG
2011-09-20 11:04 - 2011-09-20 11:04

- 0013259 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpHOWLOWEEN2006.JPG
2011-06-03 12:10 - 2011-06-03 12:10

- 5016602 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpIMG_8563.0
2011-06-03 12:10 - 2011-06-03 12:10

- 1152240 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpIMG_8563.JPG
2011-06-03 12:11 - 2011-06-03 12:11

- 4223711 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpIMG_8589.0
2011-06-03 12:11 - 2011-06-03 12:11

- 0861439 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpIMG_8589.JPG
2011-06-03 12:19 - 2011-06-03 12:19

- 4716362 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpIMG_9086.0
2011-06-03 12:19 - 2011-06-03 12:19

- 1043970 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpIMG_9086.JPG
2011-01-01 19:05 - 2011-01-01 19:05

- 1166454 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpJESSICA,JESSE, JD5.JPG
2011-01-01 19:06 - 2011-01-01 19:06

- 0012015 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpJESSICA,JESSE, JD5_CROP.0
2011-01-01 19:06 - 2011-01-01 19:06

- 0012013 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpJESSICA,JESSE, JD5_CROP.JPG
2012-12-22 22:46 - 2012-12-22 22:46

- 1395219 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpJOHNBUSH2.JPG
2010-06-14 19:28 - 2010-06-14 19:28

- 3366613 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpLOOKING+AT+YOU[1].0
2010-06-14 19:28 - 2010-06-14 19:28

- 0697527 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpLOOKING+AT+YOU[1].JPG
2010-02-03 20:14 - 2011-08-23 09:25

- 0011382 _____ () C:\Users

\Sinnfamily\AppData\Local\tmpME

AND TEUFEL.JPG
2010-05-29 22:01 - 2010-05-29 22:01

- 2076087 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpOUR_GIRL_MORGAN_MAY_2010

[1].0
2010-05-29 22:01 - 2010-05-29 22:01

- 0992653 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpOUR_GIRL_MORGAN_MAY_2010

[1].1
2010-05-29 22:01 - 2010-05-29 22:01

- 0982699 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpOUR_GIRL_MORGAN_MAY_2010

[1].2
2010-05-29 22:01 - 2010-05-29 22:01

- 1018182 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpOUR_GIRL_MORGAN_MAY_2010

[1].JPG
2012-08-08 12:24 - 2012-08-08 12:24

- 0222265 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpRICKSBASSETS07162012.JPG
2010-12-07 10:25 - 2010-12-07 10:25

- 2792446 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpSAM_0041[1].JPG
2010-12-07 10:27 - 2010-12-07 10:27

- 2724806 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpSAM_0042[1].JPG
2010-12-07 10:28 - 2010-12-07 10:28

- 2779611 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpSAM_0043[1].JPG
2013-02-21 23:45 - 2013-02-21 23:45

- 0305120 _____ () C:\Users

\Sinnfamily\AppData\Local\tmpSIS

FLYER.JPG
2011-09-20 09:12 - 2011-09-20 09:12

- 0078677 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpSIS.JPG
2012-12-02 12:34 - 2012-12-02 12:34

- 1372344 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpTEUFEL 7.0
2012-12-02 12:34 - 2012-12-02 12:34

- 0690494 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpTEUFEL 7.JPG
2011-08-01 18:25 - 2011-08-01 18:25

- 0089772 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpTEUFEL AT BASSETFEST.JPG
2010-09-13 23:27 - 2010-09-13 23:27

- 0121804 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpTEUFEL3[1].JPG
2011-03-17 13:03 - 2011-03-17 13:03

- 0076429 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpTUEFFLES.0
2011-03-17 13:03 - 2011-03-17 13:03

- 0042211 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpTUEFFLES.1
2011-03-17 13:03 - 2011-03-17 13:03

- 0044867 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpTUEFFLES.JPG
2013-08-09 10:57 - 2013-08-09 10:57

- 0331186 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpTYKE.JPG
2012-12-22 22:50 - 2012-12-22 22:50

- 2270875 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpUNITED NATIONS COMMAND

SUPPORT GROUP.JPG
2011-09-20 09:12 - 2011-09-20 09:12

- 0115122 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpWELCOME FROM STONE

MOUNTAIN.JPG
2010-02-13 21:07 - 2010-02-13 21:07

- 0022618 _____ () C:\Users

\Sinnfamily\AppData\Local

\tmpWHITE_BUTTERFLY_SNIFFER

[1].JPG
2013-08-10 19:10 - 2013-08-10 19:10

- 0000000 _____ () C:\ProgramData

\3b203d3a29333421252a593f31_c
2014-10-19 18:23 - 2014-10-19 18:23

- 0000057 _____ () C:\ProgramData

\Ament.ini
2011-01-10 18:40 - 2011-01-10 18:40

- 0000056 ____H () C:\ProgramData

\ezsidmv.dat

Files to move or delete:
====================
C:\Users\Sinnfamily\jobq.dat


Some files in TEMP:
====================
C:\Users\Sinnfamily\AppData\Local

\Temp\DseShExt-x64.dll
C:\Users\Sinnfamily\AppData\Local

\Temp\DseShExt-x86.dll
C:\Users\Sinnfamily\AppData\Local

\Temp\SDShelEx-win32.dll
C:\Users\Sinnfamily\AppData\Local

\Temp\SDShelEx-x64.dll


Some zero byte size files/folders:
=======================

===
C:\Windows\SysWOW64\conhost.exe
C:\Windows\SysWOW64\csrss.exe
C:\Windows\SysWOW64\dwm.exe
C:\Windows\SysWOW64\lsass.exe
C:\Windows\SysWOW64\lsm.exe
C:\Windows\SysWOW64\nvvsvc.exe
C:\Windows\SysWOW64\services.exe
C:\Windows\SysWOW64\smss.exe
C:\Windows\SysWOW64\spoolsv.exe
C:\Windows\SysWOW64\taskhost.exe
C:\Windows\SysWOW64\winlogon.exe
C:\Windows

\SysWOW64\WUDFHost.exe
C:\Windows\System32\nvd3dum.dll
C:\Windows\System32\nvwgf2um.dll

====================

Bamital & volsnap Check

=================

(There is no automatic fix for files that

do not pass verification.)

C:\Windows\System32\winlogon.exe

=> File is digitally signed
C:\Windows\System32\wininit.exe =>

File is digitally signed
C:\Windows\SysWOW64\wininit.exe

=> File is digitally signed
C:\Windows\explorer.exe => File is

digitally signed
C:\Windows\SysWOW64\explorer.exe

=> File is digitally signed
C:\Windows\System32\svchost.exe

=> File is digitally signed
C:\Windows\SysWOW64\svchost.exe

=> File is digitally signed
C:\Windows\System32\services.exe

=> File is digitally signed
C:\Windows\System32\User32.dll =>

File is digitally signed
C:\Windows\SysWOW64\User32.dll

=> File is digitally signed
C:\Windows\System32\userinit.exe

=> File is digitally signed
C:\Windows\SysWOW64\userinit.exe

=> File is digitally signed
C:\Windows\System32\rpcss.dll =>

File is digitally signed
C:\Windows\System32\Drivers

\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-20 22:12

==================== End

of log

=======================

Additional scan result of Farbar

Recovery Scan Tool (x64) Version: 21

-05-2015
Ran by Sinnfamily at 2015-05-22

21:50:36
Running from C:\Users\Sinnfamily

\Downloads
Boot Mode: Normal
=======================

=======================

============


====================

Accounts:

=======================

======

Administrator (S-1-5-21-2643768202-

156854014-2583388340-500 -

Administrator - Disabled)
Guest (S-1-5-21-2643768202-

156854014-2583388340-501 - Limited

- Disabled)
HomeGroupUser$ (S-1-5-21-

2643768202-156854014-2583388340

-1002 - Limited - Enabled)
Sinnfamily (S-1-5-21-2643768202-

156854014-2583388340-1001 -

Administrator - Enabled) => C:\Users

\Sinnfamily

====================

Security Center

=======================

=

(If an entry is included in the fixlist, it

will be removed.)

AV: avast! Antivirus (Enabled - Up to

date) {17AD7D40-BA12-9C46-7131-

94903A54AD8B}
AV: AVG Internet Security 2015

(Disabled - Up to date) {4D41356F-

32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up

to date) {D68DDC3A-831F-4fae-9E44

-DA132C1ACF46}
AS: AVG Internet Security 2015

(Disabled - Up to date) {F620D48B-

1497-73CC-F290-58052563BEAE}
AS: avast! Antivirus (Enabled - Up to

date) {ACCC9CA4-9C28-93C8-4B81-

AFE241D3E736}

====================

Installed Programs

======================

(Only the adware programs with

"hidden" flag could be added to the

fixlist to unhide them. The adware

programs should be uninstalled

manually.)

Acrobat.com (HKLM-x32\...

\com.adobe.mauby.4875E02D9FB21E

E389F73B8D1702B320485DF8CE.1)

(Version: 2.3.0.0 - Adobe Systems

Incorporated)
Acrobat.com (x32 Version: 2.3.0 -

Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR)

(Version: 1.5.3.9120 - Adobe Systems

Inc.)
Adobe Flash Player 17 ActiveX

(HKLM-x32\...\Adobe Flash Player

ActiveX) (Version: 17.0.0.169 - Adobe

Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-

x32\...\Adobe Flash Player NPAPI)

(Version: 17.0.0.169 - Adobe Systems

Incorporated)
Adobe Reader XI (11.0.10) (HKLM-

x32\...\{AC76BA86-7AD7-1033-7B44-

AB0000000001}) (Version: 11.0.10 -

Adobe Systems Incorporated)
Adobe Shockwave Player 12.0

(HKLM-x32\...\Adobe Shockwave

Player) (Version: 12.0.2.122 - Adobe

Systems, Inc.)
Apple Application Support (HKLM-

x32\...\{46F044A5-CE8B-4196-984E-

5BD6525E361D}) (Version: 2.3.6 -

Apple Inc.)
Apple Software Update (HKLM-x32\...

\{789A5B64-9DD9-4BA5-915A-

F0FC0A1B7BFE}) (Version: 2.1.3.127 -

Apple Inc.)
Avast Free Antivirus (HKLM-x32\...

\Avast) (Version: 10.2.2218 - AVAST

Software)
AVG 2015 (Version: 15.0.5941 - AVG

Technologies) Hidden
Compatibility Pack for the 2007 Office

system (HKLM-x32\...\{90120000-

0020-0409-0000-0000000FF1CE})

(Version: 12.0.6612.1000 - Microsoft

Corporation)
Coupon Printer for Windows (HKLM-

x32\...\Coupon Printer for

Windows5.0.0.4) (Version: 5.0.0.4 -

Coupons.com Incorporated)
CyberLink DVD Suite Deluxe (HKLM-

x32\...\InstallShield_{1FBF6C24-

C1FD-4101-A42B-0C564F9E8E79})

(Version: 6.0.3101 - CyberLink Corp.)
DirectX for Managed Code Update

(Summer 2004) (x32 Version:

9.02.2904 - Microsoft) Hidden
Family Tree Maker 2011 (HKLM-

x32\...\Family Tree Maker 2011)

(Version: 20.0.379 - Ancestry.com)
Family Tree Maker 2011 (x32 Version:

20.0.379 - Ancestry.com) Hidden
FamilySearch Indexing 3.10.5

(HKLM-x32\...\0591-8077-9297-0833)

(Version: 3.10.5 - FamilySearch)
FamilySearch Linking 1.1.0 (HKLM-

x32\...\0591-8077-9297-0833-1)

(Version: 1.1.0 - FamilySearch)
FUJIFILM MyFinePix Studio 2.0

(HKLM-x32\...\FinePix Genie_is1)

(Version: - )
Google Chrome (HKLM-x32\...\Google

Chrome) (Version: 43.0.2357.65 -

Google Inc.)
Google Talk Plugin (HKLM-x32\...

\{CA3DD97D-1FD7-37A7-BD5C-

FC4430C8B8E6}) (Version: 5.41.2.0 -

Google)
Google Update Helper (x32 Version:

1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version:

1.3.27.5 - Google Inc.) Hidden
Hardware Diagnostic Tools (HKLM\...

\PC-Doctor for Windows) (Version:

6.0.5434.08 - PC-Doctor, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3

(x32 Version: 1.00.0000 - Hewlett-

Packard Company) Hidden
Homepage Protection (HKLM-x32\...

\Homepage Protection) (Version: -

AOL Products)
HP Advisor (HKLM-x32\...

\{40FB8D7C-6FF8-4AF2-BC8B-

0B1DB32AF04B}) (Version:

3.3.12286.3436 - Hewlett-Packard)
HP ENVY 4500 series Basic Device

Software (HKLM\...\{38A08516-1847-

43E4-8076-9540B60EC43B}) (Version:

32.2.188.47710 - Hewlett-Packard

Co.)
HP ENVY 4500 series Help (HKLM-

x32\...\{95BECC50-22B4-4FCA-8A2E-

BF77713E6D3A}) (Version: 30.0.0 -

Hewlett Packard)
HP Games (HKLM-x32\...\WildTangent

hp Master Uninstall) (Version: 1.0.0.71

- WildTangent)
HP MediaSmart Demo (HKLM-x32\...

\{9DEF9686-CCB2-47B7-BF83-

B49EA21FA016}) (Version: 1.00.0000

- Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...

\InstallShield_{DCCAD079-F92C-

44DA-B258-624FC6517A5A}) (Version:

3.0.3420 - Hewlett-Packard)
HP MediaSmart Movie Themes

(HKLM-x32\...\InstallShield_

{3023EBDA-BF1B-4831-B347-

E5018555F26E}) (Version: 3.0.3102 -

Hewlett-Packard)
HP MediaSmart Music/Photo/Video

(HKLM-x32\...\InstallShield_

{B2EE25B9-5B00-4ACF-94F0-

92433C28C39E}) (Version: 3.1.3601 -

Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...

\{26280024-DFB7-4967-90DB-

7F9C6660D01E}) (Version: 3.0.28.2 -

Hewlett-Packard)
HP Odometer (HKLM-x32\...

\{B8AC1A89-FFD1-4F97-8051-

E505A160F562}) (Version: 2.10.0000 -

Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP

Photo Creations) (Version:

1.0.0.16432 - HP)
HP Product Detection (HKLM-x32\...

\{A436F67F-687E-4736-BD2B-

537121A804CF}) (Version: 11.14.0001

- HP)
HP Remote Solution (HKLM-x32\...\HP

Remote Solution) (Version: 1.1.9.0 -

TopSeed)
HP Setup (HKLM-x32\...\{F3B912F5-

EB57-45AA-B3D1-EB532BCF6EF8})

(Version: 1.2.3220.3079 - Hewlett-

Packard)
HP Support Information (HKLM-

x32\...\{B9A03B7B-E0FF-4FB3-BA83-

762E58A1B0AA}) (Version: 10.1.0002

- Hewlett-Packard)
HP Support Solutions Framework

(HKLM-x32\...\{44157EB3-D8D0-

4BB1-B0F5-AD2C38814ED1})

(Version: 11.51.0027 - Hewlett-

Packard Company)
HP Update (HKLM-x32\...

\{912D30CF-F39E-4B31-AD9A-

123C6B794EE2}) (Version:

5.005.002.002 - Hewlett-Packard)
Java 8 Update 45 (HKLM-x32\...

\{26A24AE4-039D-4CA4-87B4-

2F83218045F0}) (Version: 8.0.450 -

Oracle Corporation)
LabelPrint (HKLM-x32\...

\InstallShield_{C59C179C-668D-49A9

-B6EA-0121CCFC1243}) (Version:

2.5.1901 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.1901 -

CyberLink Corp.) Hidden
LightScribe System Software (HKLM-

x32\...\{DD6C316A-FE75-4FBB-9D22-

4C1920232B72}) (Version: 1.18.5.1 -

LightScribe)
Malwarebytes Anti-Malware version

2.1.6.1022 (HKLM-x32\...

\Malwarebytes Anti-Malware_is1)

(Version: 2.1.6.1022 - Malwarebytes

Corporation)
Microsoft .NET Framework 4.5.2

(HKLM\...\{92FB6C44-E685-45AD-

9B20-CADF4CABA132} - 1033)

(Version: 4.5.51209 - Microsoft

Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...

\Microsoft IntelliPoint 8.2) (Version:

8.20.468.0 - Microsoft Corporation)
Microsoft Office Home and Student 60

day trial (HKLM\...\OfficeTrial)

(Version: - )
Microsoft Office PowerPoint Viewer

2007 (English) (HKLM-x32\...

\{95120000-00AF-0409-0000-

0000000FF1CE}) (Version:

12.0.6612.1000 - Microsoft

Corporation)
Microsoft Primary Interoperability

Assemblies 2005 (HKLM-x32\...

\{D24DB8B9-BB6C-4334-9619-

BA1C650E13D3}) (Version:

8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...

\{89F4137D-6C26-4A84-BDB8-

2E5A4BB71E00}) (Version:

5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL

Update kb973923 - x64

8.0.50727.4053 (HKLM\...

\{B6E3757B-5E77-3915-866A-

CCFC4B8D194C}) (Version:

8.0.50727.4053 - Microsoft

Corporation)
Microsoft Visual C++ 2005 ATL

Update kb973923 - x86

8.0.50727.4053 (HKLM-x32\...

\{770657D0-A123-3C07-8E44-

1C83EC895118}) (Version:

8.0.50727.4053 - Microsoft

Corporation)
Microsoft Visual C++ 2005

Redistributable (HKLM-x32\...

\{710f4c1c-cc18-4c49-8cbf-

51240c89a1a2}) (Version: 8.0.61001 -

Microsoft Corporation)
Microsoft Visual C++ 2005

Redistributable (x64) - KB2467175

(HKLM\...\{aac9fcc4-dd9e-4add-

901c-b5496a07ab2e}) (Version:

8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005

Redistributable (x64) (HKLM\...

\{071c9b48-7c32-4621-a0ac-

3f809523288f}) (Version: 8.0.56336 -

Microsoft Corporation)
Microsoft Visual C++ 2005

Redistributable (x64) (HKLM\...

\{ad8a2fa1-06e7-4b0d-927d-

6e54b3d31028}) (Version: 8.0.61000 -

Microsoft Corporation)
Microsoft Visual C++ 2008 ATL

Update kb973924 - x64

9.0.30729.4148 (HKLM\...

\{EE936C7A-EA40-31D5-9B65-

8E3E089C3828}) (Version:

9.0.30729.4148 - Microsoft

Corporation)
Microsoft Visual C++ 2008 ATL

Update kb973924 - x86

9.0.30729.4148 (HKLM-x32\...

\{002D9D5E-29BA-3E6D-9BC4-

3D7D6DBC735C}) (Version:

9.0.30729.4148 - Microsoft

Corporation)
Microsoft Visual C++ 2008

Redistributable - KB2467174 - x64

9.0.30729.5570 (HKLM\...

\{8338783A-0968-3B85-AFC7-

BAAE0A63DC50}) (Version:

9.0.30729.5570 - Microsoft

Corporation)
Microsoft Visual C++ 2008

Redistributable - KB2467174 - x86

9.0.30729.5570 (HKLM-x32\...

\{86CE85E6-DBAC-3FFD-B977-

E4B79F83C909}) (Version:

9.0.30729.5570 - Microsoft

Corporation)
Microsoft Visual C++ 2008

Redistributable - x64 9.0.21022

(HKLM\...\{350AA351-21FA-3270-

8B7A-835434E766AD}) (Version:

9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008

Redistributable - x64 9.0.30729.17

(HKLM\...\{8220EEFE-38CD-377E-

8595-13398D740ACE}) (Version:

9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008

Redistributable - x64 9.0.30729.6161

(HKLM\...\{5FCE6D76-F5DC-37AB-

B2B8-22AB8CEDB1D4}) (Version:

9.0.30729.6161 - Microsoft

Corporation)
Microsoft Visual C++ 2008

Redistributable - x86 9.0.21022

(HKLM-x32\...\{FF66E9F6-83E7-

3A3E-AF14-8DE9A809A6A4})

(Version: 9.0.21022 - Microsoft

Corporation)
Microsoft Visual C++ 2008

Redistributable - x86 9.0.21022.218

(HKLM-x32\...\{E503B4BF-F7BB-

3D5F-8BC8-F694B1CFF942}) (Version:

9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008

Redistributable - x86 9.0.30729.17

(HKLM-x32\...\{9A25302D-30C0-39D9

-BD6F-21E6EC160475}) (Version:

9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008

Redistributable - x86 9.0.30729.4148

(HKLM-x32\...\{1F1C2DFC-2D24-3E06

-BCB8-725134ADF989}) (Version:

9.0.30729.4148 - Microsoft

Corporation)
Microsoft Visual C++ 2008

Redistributable - x86 9.0.30729.6161

(HKLM-x32\...\{9BE518E6-ECC6-35A9

-88E4-87755C07200F}) (Version:

9.0.30729.6161 - Microsoft

Corporation)
Microsoft Visual C++ 2010 x86

Redistributable - 10.0.40219 (HKLM-

x32\...\{F0C3E5D1-1ADE-321E-8167-

68EF0DE699A5}) (Version: 10.0.40219

- Microsoft Corporation)
Microsoft Works (HKLM-x32\...

\{15BC8CD0-A65B-47D0-A2DD-

90A824590FA8}) (Version: 9.7.0621 -

Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-

x32\...\{E3E71D07-CD27-46CB-8448-

16D4FB29AA13}) (Version: 3.0.5305.0

- Microsoft Corp.)
Mozilla Firefox 38.0.1 (x86 en-US)

(HKLM-x32\...\Mozilla Firefox 38.0.1

(x86 en-US)) (Version: 38.0.1 -

Mozilla)
Mozilla Maintenance Service (HKLM-

x32\...\MozillaMaintenanceService)

(Version: 37.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-

x32\...\{86493ADD-824D-4B8E-BD72

-8C5DCDC52A71}) (Version:

4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-

x32\...\{F662A8E6-F4DC-41A2-901E-

8C11F044BDEC}) (Version:

4.20.9876.0 - Microsoft Corporation)
MyHeritage Family Tree Builder

(HKLM-x32\...\Family Tree Builder)

(Version: 7.0.0.7128 -

MyHeritage.com)
NVIDIA Drivers (HKLM\...\NVIDIA

Drivers) (Version: 1.5 - NVIDIA

Corporation)
OpenOffice 4.1.0 (HKLM-x32\...

\{C87EF11D-36E9-479D-9898-

7541EA1E8A6A}) (Version: 4.10.9764

- Apache Software Foundation)
PictureMover (HKLM-x32\...

\{1896E712-2B3D-45eb-BCE9-

542742A51032}) (Version: 3.3.1.19 -

Hewlett-Packard Company)
Power2Go (HKLM-x32\...

\InstallShield_{40BF1E83-20EB-11D8

-97C5-0009C5020658}) (Version:

6.0.3101 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3101 -

CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...

\InstallShield_{CB099890-1D5F-11D5

-9EA9-0050BAE317E1}) (Version:

7.0.3101 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3101

- CyberLink Corp.) Hidden
PowerRecover (x32 Version: 5.5.1923

- CyberLink Corp.) Hidden
Product Improvement Study for HP

ENVY 4500 series (HKLM\...

\{3A5F6684-5FD8-4660-A4DA-

BF60A20FCCFC}) (Version:

32.2.188.47710 - Hewlett-Packard

Co.)
QuickTime 7 (HKLM-x32\...

\{3D2CBC2C-65D4-4463-87AB-

BB2C859C1F3E}) (Version: 7.76.80.95

- Apple Inc.)
RAF (HKLM-x32\...\{E6B43401-E818-

4961-AFED-118DD8E87642})

(Version: 1.00.0001 - FUJIFILM

Corporation)
RealDownloader (x32 Version: 1.3.3 -

RealNetworks, Inc.) Hidden
Realtek High Definition Audio Driver

(HKLM-x32\...\{F132AF7F-7BCA-

4EDE-8A7C-958108FE7DBC})

(Version: 6.0.1.5882 - Realtek

Semiconductor Corp.)
Skype Toolbars (HKLM-x32\...

\{B6CF2967-C81E-40C0-9815-

C05774FEF120}) (Version: 5.3.7555 -

Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-

x32\...\{B4092C6D-E886-4CB2-BA68-

FE5A88D31DE6}_is1) (Version: 1.6.2 -

Safer Networking Limited)
swMSM (x32 Version: 12.0.0.1 -

Adobe Systems, Inc) Hidden
Uniblue RegistryBooster (HKLM-

x32\...\{E63E34A7-E552-412B-9E40-

FD6FC5227ABA}_is1) (Version: -

Uniblue Systems Ltd)
Visual C++ 8.0 Runtime Setup

Package (x64) (HKLM-x32\...

\{2FDBBCEA-62DB-45F4-B6E5-

0E1FB2A1F29D}) (Version: 9.0.0.623 -

AVG Technologies CZ, s.r.o.)
Visual Studio 2008 x64

Redistributables (HKLM-x32\...

\{FCDBEA60-79F0-4FAE-BBA8-

55A26C609A49}) (Version: 10.0.0.2 -

AVG Technologies)
Visual Studio 2010 x64

Redistributables (HKLM\...

\{21B133D6-5979-47F0-BE1C-

F6A6B304693F}) (Version: 13.0.0.1 -

AVG Technologies)
Visual Studio 2012 x64

Redistributables (HKLM\...

\{8C775E70-A791-4DA8-BCC3-

6AB7136F4484}) (Version: 14.0.0.1 -

AVG Technologies)
Visual Studio 2012 x86

Redistributables (HKLM-x32\...

\{98EFF19A-30AB-4E4B-B943-

F06B1C63EBF8}) (Version: 14.0.0.1 -

AVG Technologies CZ, s.r.o.)
Windows Media Encoder 9 Series

(HKLM-x32\...\Windows Media

Encoder 9) (Version: - )
Yahoo! Software Update (HKLM-

x32\...\Yahoo! Software Update)

(Version: - )

====================

Custom CLSID (Whitelisted):

=======================

===

(If an entry is included in the fixlist, it

will be removed from the registry. The

file will not be moved unless listed

separately.)


====================

Restore Points

=======================

==

13-05-2015 03:00:38 Windows Update
19-05-2015 18:09:50 Windows Update
20-05-2015 09:37:59 Installed AVG PC

TuneUp 2015
20-05-2015 16:44:33 AVG 2015
22-05-2015 20:51:28 Removed Skype

Toolbars

====================

Hosts content:

=======================

========

(If needed Hosts: directive could be

included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00

- 00000824 ____A C:\Windows

\system32\Drivers\etc\hosts

====================

Scheduled Tasks (Whitelisted)

=============

(If an entry is included in the fixlist, it

will be removed from the registry. The

file will not be moved unless listed

separately.)

Task: {00DE05F7-C4C2-4461-B40C-

0CA9AEAFB3D7} - System32\Tasks

\DVDAgent => c:\Program Files

(x86)\Hewlett-Packard\Media\DVD

\DVDAgent.exe [2009-10-20]

(CyberLink Corp.)
Task: {048B52EB-3E7E-4737-81C5-

ACC489A6E904} - System32\Tasks

\Microsoft_Hardware_Launch_IPoint_

exe => c:\Program Files\Microsoft

IntelliPoint\IPoint.exe [2011-08-01]

(Microsoft Corporation)
Task: {0D301EBB-5114-4655-8904-

9DE15036F3C8} - System32\Tasks

\Hewlett-Packard\HP Support

Assistant

\WarrantyChecker_DeviceScan => C:

\Program Files (x86)\Hewlett-Packard

\HP Support Framework\Resources

\HPWarrantyCheck

\HPWarrantyChecker.exe [2015-04-

14] (Hewlett-Packard)
Task: {17B83FB2-BD08-4668-BBA5-

1E0D76ADCB97} - System32\Tasks

\Microsoft\Windows\Setup\gwx

\launchtrayprocess => C:\Windows

\system32\GWX\GWX.exe [2015-05-

07] (Microsoft Corporation)
Task: {2B1C0F13-4C81-4717-B976-

9DE922CB21F4} - System32\Tasks

\Apple\AppleSoftwareUpdate => C:

\Program Files (x86)\Apple Software

Update\SoftwareUpdate.exe [2011-

06-01] (Apple Inc.)
Task: {36D38275-813C-4788-B1AB-

3779C3F2F598} - System32\Tasks

\GoogleUpdateTaskMachineUA => C:

\Program Files (x86)\Google\Update

\GoogleUpdate.exe [2014-10-18]

(Google Inc.)
Task: {5B105DDE-C5D1-42E9-A71A-

B1D20E9FCB26} - System32\Tasks

\FreeFileViewerUpdateChecker => C:

\Program Files (x86)\FreeFileViewer

\FFVCheckForUpdates.exe <====

ATTENTION
Task: {6267E7E9-9D6A-41CA-A45C-

EC8E2D68322B} - System32\Tasks

\GoogleUpdateTaskUserS-1-5-21-

2643768202-156854014-2583388340

-1001Core => C:\Users\Sinnfamily

\AppData\Local\Google\Update

\GoogleUpdate.exe [2014-10-22]

(Google Inc.)
Task: {6ACE0257-90C2-433B-9293-

A8913B336AFB} - System32\Tasks

\RealUpgradeScheduledTaskS-1-5-21

-2643768202-156854014-2583388340

-1001 => C:\Program Files

(x86)\Real\RealUpgrade

\RealUpgrade.exe
Task: {6E4E334F-75C0-46E8-81FE-

2243052EC701} - System32\Tasks

\PCDRScheduledMaintenance => C:

\Program Files\PC-Doctor for

Windows\pcdr5cuiw32.exe [2009-07-

02] (PC-Doctor, Inc.)
Task: {726F081B-293C-4B46-8725-

F09B51D31EC8} - \ProgramRefresh-

ATFST No Task File <====

ATTENTION
Task: {72B810CC-FF0E-4D5E-A275-

971FD7D12A79} - System32\Tasks

\Hewlett-Packard\HP Support

Assistant\HP Support Assistant Quick

Start => C:\Program Files

(x86)\Hewlett-Packard\HP Support

Framework\HPSF.exe [2013-11-04]

(Hewlett-Packard Company)
Task: {7B4207E6-F2CF-45C3-BE5B-

742E3CAC74BD} - System32\Tasks

\Adobe Flash Player Updater => C:

\Windows\SysWOW64\Macromed

\Flash\FlashPlayerUpdateService.exe

[2015-04-15] (Adobe Systems

Incorporated)
Task: {8D9E64D7-9597-4BFE-BFFB-

66505B2C918F} - System32\Tasks\HP

Photo Creations Communicator =>

C:\ProgramData\HP Photo Creations

\Communicator.exe [2014-12-31] ()
Task: {917BB944-4725-4B52-A174-

A2ABC541FCF6} - System32\Tasks

\GoogleUpdateTaskMachineCore =>

C:\Program Files (x86)\Google

\Update\GoogleUpdate.exe [2014-10

-18] (Google Inc.)
Task: {922ECA91-B0D0-4F5E-9E67-

09CAA18910A8} - System32\Tasks

\{95EEF560-9095-4226-A149-

6BC6A070B950} => C:\Program Files

(x86)\iWin Games\iWinGames.exe
Task: {92F47BF9-5F86-45CD-8F3F-

64C84078CC81} - System32\Tasks

\Microsoft\Windows\Setup\gwx

\refreshgwxconfig => C:\Windows

\system32\GWX

\GWXConfigManager.exe [2015-05-

07] (Microsoft Corporation)
Task: {98B4F376-E5F1-4AB0-91B1-

0ABE576B94B1} - System32\Tasks

\Google Update => C:\Users

\Sinnfamily\AppData\Local\Google

\Update\GoogleUpdate.exe [2014-10

-22] (Google Inc.)
Task: {9C41A200-A3BC-4255-A88B-

9B094C22A07A} - System32\Tasks

\Adobe Reader and Acrobat Manager

=> C:\Program Files (x86)\Common

Files\Adobe\ARM\1.0\AdobeARM.exe

[2014-11-20] (Adobe Systems

Incorporated)
Task: {9EB87832-63D6-47B0-AA08-

D15DEE543D72} - System32\Tasks

\RealUpgradeLogonTaskS-1-5-21-

2643768202-156854014-2583388340

-1001 => C:\Program Files

(x86)\Real\RealUpgrade

\RealUpgrade.exe
Task: {A44BA7CF-38BA-4AD1-B970-

82B6530D3FC7} - System32\Tasks

\Hewlett-Packard\HP Support

Assistant

\WarrantyChecker_CN47T1507X =>

C:\Program Files (x86)\Hewlett-

Packard\HP Support Framework

\Resources\HPWarrantyCheck

\HPWarrantyChecker.exe [2015-04-

14] (Hewlett-Packard)
Task: {B3D5A209-57D7-42F6-B758-

196D312C9C98} - System32\Tasks

\Microsoft_Hardware_Launch_rundll3

2_exe => Rundll32.exe

url.dll,OpenURL

http://go.microsoft.com/fwlink/?

LinkId=116866
Task: {C0096E98-F13A-47F0-8A91-

66B0763601AF} - System32\Tasks

\HPCeeScheduleForSinnfamily => C:

\Program Files (x86)\Hewlett-Packard

\HP Ceement\HPCEE.exe [2011-07-

15] (Hewlett-Packard)
Task: {C8FF2829-6472-46F5-9C86-

D0D000FA13BC} - System32\Tasks

\Hewlett-Packard\HP Support

Assistant\PC Health Analysis => C:

\Program Files (x86)\Hewlett-Packard

\HP Support Framework\HPSF.exe

[2013-11-04] (Hewlett-Packard

Company)
Task: {D273146D-2A8C-4339-9A6C-

9BBB18BDE05C} - System32\Tasks

\RunAsStdUser Task => C:\Program

Files (x86)\iWin Games

\iWinGames.exe
Task: {D5082955-084C-42C7-A1B3-

92418DAF3313} - System32\Tasks

\Hewlett-Packard\HP Support

Assistant\PC Tuneup => C:\Program

Files (x86)\Hewlett-Packard\HP

Support Framework\HPSF.exe [2013-

11-04] (Hewlett-Packard Company)
Task: {DB23E848-922E-43C5-B7F1-

B5FA7DADE589} -

\ProgramUpdateCheck No Task File

<==== ATTENTION
Task: {DCA7AA00-2695-42E5-8448-

76A39D4A6B9E} - System32\Tasks

\CLMLSvc => c:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\Kernel\CLML\CLMLSvc.exe

[2009-12-01] (CyberLink)
Task: {E853C7A8-D1A1-4AF6-A451-

747EB0D00AC1} - System32\Tasks

\GoogleUpdateTaskUserS-1-5-21-

2643768202-156854014-2583388340

-1001UA => C:\Users\Sinnfamily

\AppData\Local\Google\Update

\GoogleUpdate.exe [2014-10-22]

(Google Inc.)
Task: {EBD141B3-63E0-4A72-8E9C-

DF3AB841FB16} - System32\Tasks

\{47742B60-D7A2-424D-8371-

21724FCD2E7C} => C:\Program Files

(x86)\Skype\\Phone\Skype.exe
Task: {EDBB4BBF-2315-401E-BD70-

20E9ACAB5586} - System32\Tasks

\Java Update Scheduler => C:

\Program Files (x86)\Common Files

\Java\Java Update\jusched.exe [2015

-04-10] (Oracle Corporation)
Task: {F8D7255A-057C-4D5B-B371-

5DEDDE35203D} - System32\Tasks

\Hewlett-Packard\HP Support

Assistant\Update Check => C:

\ProgramData\Hewlett-Packard\HP

Support Framework\Resources

\Updater7\HPSFUpdater.exe [2014-

05-12] (Hewlett-Packard Company)
Task: {FA4F0B45-642B-4CEA-BAD2-

2808F9D8A5D9} - System32\Tasks\HP

online update program => c:

\Program Files (x86)\HP\HP Software

Update\HPWuSchd2.exe [2013-05-30]

(Hewlett-Packard)
Task: {FD855F12-7FA9-431D-8FD0-

621F646AB67E} - System32\Tasks

\HPCustParticipation HP ENVY 4500

series => C:\Program Files\HP\HP

ENVY 4500 series\Bin

\HPCustPartic.exe [2014-03-06]

(Hewlett-Packard Co.)
Task: {FDB407C0-6848-489E-9081-

B52D1DB72EC6} - System32\Tasks

\ROC_REG_JAN_DELETE => C:

\ProgramData\AVG January 2013

Campaign\ROC.exe [2013-01-17] ()
Task: C:\Windows\Tasks\Adobe Flash

Player Updater.job => C:\Windows

\SysWOW64\Macromed\Flash

\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks

\FreeFileViewerUpdateChecker.job

=> C:\Program Files

(x86)\FreeFileViewer

\FFVCheckForUpdates.exe <====

ATTENTION
Task: C:\Windows\Tasks

\GoogleUpdateTaskMachineCore.job

=> C:\Program Files (x86)\Google

\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks

\GoogleUpdateTaskMachineUA.job

=> C:\Program Files (x86)\Google

\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks

\GoogleUpdateTaskUserS-1-5-21-

2643768202-156854014-2583388340

-1001Core.job => C:\Users

\Sinnfamily\AppData\Local\Google

\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks

\GoogleUpdateTaskUserS-1-5-21-

2643768202-156854014-2583388340

-1001UA.job => C:\Users\Sinnfamily

\AppData\Local\Google\Update

\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo

Creations Communicator.job => C:

\ProgramData\HP Photo Creations

\Communicator.exe
Task: C:\Windows\Tasks

\HPCeeScheduleForSinnfamily.job =>

C:\Program Files (x86)\Hewlett-

Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks

\PCDRScheduledMaintenance.job =>

C:\Program Files\PC-Doctor for

Windows\pcdr5cuiw32.exe5-fh

scripts\monthly.xml
Task: C:\Windows\Tasks

\ROC_REG_JAN_DELETE.job => C:

\ProgramData\AVG January 2013

Campaign\ROC.exe

====================

Loaded Modules (Whitelisted)

==============

2013-08-14 15:19 - 2013-08-14 15:19

- 00039056 _____ () C:\Program Files

(x86)\RealNetworks\RealDownloader

\rndlresolversvc.exe
2015-05-20 18:26 - 2015-05-20 18:26

- 00104400 _____ () C:\Program Files

\AVAST Software\Avast\log.dll
2015-05-20 18:26 - 2015-05-20 18:26

- 00081728 _____ () C:\Program Files

\AVAST Software\Avast

\JsonRpcServer.dll
2015-05-22 15:35 - 2015-05-22 15:35

- 02931200 _____ () C:\Program Files

\AVAST Software\Avast\defs

\15052201\algo.dll
2015-05-20 18:26 - 2015-05-20 18:26

- 40540672 _____ () C:\Program Files

\AVAST Software\Avast\libcef.dll
2015-04-15 09:00 - 2015-04-15 09:00

- 16863920 _____ () C:\Windows

\SysWOW64\Macromed\Flash

\NPSWF32_17_0_0_169.dll

====================

Alternate Data Streams (Whitelisted)

=========

(If an entry is included in the fixlist,

only the ADS will be removed.)

AlternateDataStreams: C:

\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:

\ProgramData\Temp:373E1720
AlternateDataStreams: C:

\ProgramData\Temp:4A74A9A7
AlternateDataStreams: C:

\ProgramData\Temp:6611AB82
AlternateDataStreams: C:

\ProgramData\Temp:972E051C

==================== Safe

Mode (Whitelisted)

===================

(If an item is included in the fixlist, it

will be removed from the registry. The

"AlternateShell" will be restored.)


==================== EXE

Association (Whitelisted)

===============

(If an entry is included in the fixlist,

the registry item will be restored to

default or removed.)


====================

Internet Explorer trusted/restricted

===============

(If an entry is included in the fixlist, it

will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\skillsoft.com ->

hxxp://support.skillsoft.com
IE trusted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\usaa.com ->

hxxps://www.usaa.com

IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\007guard.com ->

install.007guard.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\032439.com ->

80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\0scan.com ->

www.0scan.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\1-2005-search.com ->

www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\1-domains-registrations.com

-> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\1000gratisproben.com ->

www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\1001namen.com ->

www.1001namen.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\100888290cs.com ->

mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\100sexlinks.com ->

www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\10sek.com ->

www.10sek.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\123fporn.info ->

www.123fporn.info
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\123haustiereundmehr.com

-> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\123moviedownload.com ->

www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-

2643768202-156854014-2583388340

-1001\...\123simsen.com ->

www.123simsen.com

There are 7369 more restricted sites.

====================

Other Areas

=======================

=====

(Currently there is no automatic fix for

this section.)

HKU\S-1-5-21-2643768202-

156854014-2583388340-1001\Control

Panel\Desktop\\Wallpaper -> C:

\Users\Sinnfamily\AppData\Roaming

\Microsoft\Windows\Themes

\TranscodedWallpaper.jpg
DNS Servers: 173.225.144.10 -

173.225.144.70

====================

MSCONFIG/TASK MANAGER Error

getting ==

(Currently there is no automatic fix for

this section.)

MSCONFIG\startupfolder:

C:^ProgramData^Microsoft^Windows

^Start

Menu^Programs^Startup^PictureMov

er.lnk => C:\Windows\pss

\PictureMover.lnk.CommonStartup
MSCONFIG\startupfolder:

C:^Users^Sinnfamily^AppData^Roa

ming^Microsoft^Windows^Start

Menu^Programs^Startup^Monitor

Ink Alerts - HP ENVY 4500 series.lnk

=> C:\Windows\pss\Monitor Ink

Alerts - HP ENVY 4500

series.lnk.Startup
MSCONFIG\startupfolder:

C:^Users^Sinnfamily^AppData^Roa

ming^Microsoft^Windows^Start

Menu^Programs^Startup^OpenOffic

e.org 3.3.lnk => C:\Windows\pss

\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: APSDaemon

=> "C:\Program Files (x86)\Common

Files\Apple\Apple Application Support

\APSDaemon.exe"
MSCONFIG\startupreg:

ChristmasHolidayLaughs Search

Scope Monitor => "C:

\PROGRA~2\CHRIST~2\bar\1.bin

\4msrchmn.exe" /m=2 /w /h
MSCONFIG\startupreg: Family Tree

Builder Update => C:\Program Files

(x86)\MyHeritage\Bin

\FTBCheckUpdates.exe
MSCONFIG\startupreg: Google

Update => "C:\Users\Sinnfamily

\AppData\Local\Google\Update

\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Remote

Solution => %ProgramFiles%

\Hewlett-Packard\HP Remote

Solution\HP_Remote_Solution.exe
MSCONFIG\startupreg: HPADVISOR

=> C:\Program Files (x86)\Hewlett-

Packard\HP Advisor\HPAdvisor.exe

view=DOCKVIEW
MSCONFIG\startupreg: hpsysdrv =>

c:\program files (x86)\hewlett-

packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: IntelliPoint =>

"c:\Program Files\Microsoft

IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: NvCplDaemon

=> RUNDLL32.EXE C:\Windows

\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: SmartMenu

=> C:\Program Files\Hewlett-

Packard\HP MediaSmart

\SmartMenu.exe /background
MSCONFIG\startupreg: SpybotSD

TeaTimer => C:\Program Files

(x86)\Spybot - Search & Destroy

\TeaTimer.exe
MSCONFIG\startupreg:

UpdatePRCShortCut => "C:\Program

Files (x86)\Hewlett-Packard\Recovery

\MUITransfer\MUIStartMenu.exe" "C:

\Program Files (x86)\Hewlett-Packard

\Recovery" UpdateWithCreateOnce

"Software\CyberLink\PowerRecover"

====================

FirewallRules (Whitelisted)

===============

(If an entry is included in the fixlist, it

will be removed from the registry. The

file will not be moved unless listed

separately.)

FirewallRules: [{862AFB70-51E0-

4527-A271-8089B56E8C4F}] =>

(Allow) c:\Program Files

(x86)\CyberLink\PowerDirector

\PDR.EXE
FirewallRules: [{C18F71C2-F36F-

4625-AB27-90EEB8D1E479}] =>

(Allow) C:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\HPTouchSmartMusic.exe
FirewallRules: [{385AA1C8-3FA9-

4B3B-BD9E-7367B718C947}] =>

(Allow) C:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\HPTouchSmartPhoto.exe
FirewallRules: [{AF8F13B3-F77D-

4B1A-A975-B0E42F3F829E}] =>

(Allow) C:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\HPTouchSmartVideo.exe
FirewallRules: [{92E9E16B-95EC-

46F4-B8B4-D8B4C5855C30}] =>

(Allow) C:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\TSMAgent.exe
FirewallRules: [{FC56BC42-4EC5-

45EA-AC62-97E5A14B0D6F}] =>

(Allow) C:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{05E9270A-E3F2-

4A90-9AF9-0531E88870E4}] =>

(Allow) c:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\HPTouchSmartMusic.exe
FirewallRules: [{AC5E908D-A55B-

4F73-B15C-CFB0F6EBD26D}] =>

(Allow) c:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\HPTouchSmartPhoto.exe
FirewallRules: [{FA0AE581-0A66-

43A8-8CB7-EE5700994EE7}] =>

(Allow) c:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\HPTouchSmartVideo.exe
FirewallRules: [{2CC2996A-B44E-

4A2D-AE0C-D3C753CC0F22}] =>

(Allow) c:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\TSMAgent.exe
FirewallRules: [{ED0C4EDA-F45E-

4296-93BB-4D28D09994E2}] =>

(Allow) c:\Program Files

(x86)\Hewlett-Packard\TouchSmart

\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{2E4E8EDE-C9CE-

4343-8260-A16DE0E95A03}] =>

(Allow) c:\Program Files

(x86)\Hewlett-Packard\Media\DVD

\HPDVDSmart.exe
FirewallRules: [{764617C5-1D03-

4EEB-BB6D-7672F4F38A7B}] =>

(Allow) C:\Program Files

(x86)\Common Files\Apple\Apple

Application Support

\WebKit2WebProcess.exe
FirewallRules: [TCP Query User

{994A22F0-68B9-4379-B5E1-

15A52E7F438D}C:\program files

(x86)\internet explorer\iexplore.exe]

=> (Block) C:\program files

(x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User

{6B53A456-3420-4983-B732-

CAD108778133}C:\program files

(x86)\internet explorer\iexplore.exe]

=> (Block) C:\program files

(x86)\internet explorer\iexplore.exe
FirewallRules: [{43230E3A-F961-

4F8F-8602-AB42EFBEDA78}] =>

(Allow) C:\Program Files

(x86)\Hewlett-Packard\HP Support

Framework\Resources

\HPWarrantyCheck

\HPWarrantyChecker.exe
FirewallRules: [TCP Query User

{2AEFA044-16C5-4238-B681-

8418467C5584}C:\program files

(x86)\hp\common

\hpdevicedetection3.exe] => (Allow)

C:\program files (x86)\hp\common

\hpdevicedetection3.exe
FirewallRules: [UDP Query User

{091005CC-A496-4F92-9DA6-

417FD38247FB}C:\program files

(x86)\hp\common

\hpdevicedetection3.exe] => (Allow)

C:\program files (x86)\hp\common

\hpdevicedetection3.exe
FirewallRules: [{8B135CC0-C6E0-

4069-B143-AD1F8F02841E}] =>

(Allow) C:\Program Files

(x86)\FreeFileViewer

\FFVCheckForUpdates.exe
FirewallRules: [{A4B859C2-5460-

4CB6-928D-57A5938BE20C}] =>

(Allow) C:\Program Files\HP\HP ENVY

4500 series\Bin\DeviceSetup.exe
FirewallRules: [{1DF73D99-F679-

4C80-93F8-B2A2ED120C2E}] =>

(Allow) LPort=5357
FirewallRules: [{C6EFD0B0-9F11-

4CDB-8D30-004DB350980F}] =>

(Allow) C:\Program Files\HP\HP ENVY

4500 series\Bin

\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User

{127708EF-BEB7-418B-B25C-

B54170BF40A1}C:\program files

(x86)\mozilla firefox\firefox.exe] =>

(Allow) C:\program files (x86)\mozilla

firefox\firefox.exe
FirewallRules: [UDP Query User

{C9FF2BD2-15F0-499F-9022-

0D9509EBF9D3}C:\program files

(x86)\mozilla firefox\firefox.exe] =>

(Allow) C:\program files (x86)\mozilla

firefox\firefox.exe
FirewallRules: [{D3397118-8472-

4381-AC23-FF7ED3BD3CF1}] =>

(Block) C:\program files (x86)\mozilla

firefox\firefox.exe
FirewallRules: [{82CEA311-9153-

4A12-ADE0-5A2ED5A52AA3}] =>

(Block) C:\program files (x86)\mozilla

firefox\firefox.exe
FirewallRules: [{21183FC2-B84E-

4444-8F8D-D71894E4F72E}] =>

(Allow) C:\Program Files (x86)\Mozilla

Firefox\firefox.exe
FirewallRules: [{8C049D7F-3109-

4691-935E-FDD25D6565CA}] =>

(Allow) C:\Program Files (x86)\Mozilla

Firefox\firefox.exe
FirewallRules: [{21BFE7F7-E7BC-

4CB6-89E4-12D8FBB42846}] =>

(Allow) C:\Program Files (x86)\AVG

\AVG2015\avgnsa.exe
FirewallRules: [{55C6E141-EDA0-

408D-8D7C-8C9686C535DB}] =>

(Allow) C:\Program Files (x86)\AVG

\AVG2015\avgnsa.exe
FirewallRules: [{D023B66A-0EC2-

406D-8FB7-32166B367688}] =>

(Allow) C:\Program Files (x86)\AVG

\AVG2015\avgdiagex.exe
FirewallRules: [{B38C3E4D-7DA4-

45F6-AA03-5F270DF6F79E}] =>

(Allow) C:\Program Files (x86)\AVG

\AVG2015\avgdiagex.exe
FirewallRules: [{C37D1B0D-989A-

4AB2-9D1D-B0F80D5A75B1}] =>

(Allow) C:\Program Files (x86)\AVG

\AVG2015\avgmfapx.exe
FirewallRules: [{D8FF93A6-3DE4-

40BC-947B-44A6A7A1CEE0}] =>

(Allow) C:\Program Files (x86)\AVG

\AVG2015\avgmfapx.exe
FirewallRules: [{31143E86-0CAB-

45BF-8A62-B10592C8D831}] =>

(Allow) C:\Program Files (x86)\AVG

\AVG2015\avgemca.exe
FirewallRules: [{FA2DB4C0-236C-

410E-8DB5-B7A4F3C1F6FA}] =>

(Allow) C:\Program Files (x86)\AVG

\AVG2015\avgemca.exe
FirewallRules: [{7133564D-8800-

4463-9B55-7C6DF7E54531}] =>

(Allow) C:\Program Files

(x86)\Hewlett-Packard\HP Support

Framework\Resources

\HPWarrantyCheck

\HPDeviceDetection3.exe

====================

Faulty Device Manager Devices

=============

Name: qknfd
Description: qknfd
Class Guid: {8ECC055D-047F-11D1-

A537-0000F8753ED1}
Manufacturer:
Service: qknfd
Problem: : This device is not present,

is not working properly, or does not

have all its drivers installed. (Code 24)
Resolution: The device is installed

incorrectly. The problem could be a

hardware failure, or a new driver

might be needed.
Devices stay in this state if they have

been prepared for removal.
After you remove the device, this

error disappears.Remove the device,

and this error should be resolved.


====================

Event log errors:

=======================

==

Application errors:
==================
Error: (05/22/2015 09:50:53 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 09:49:53 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 09:48:53 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 09:47:53 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 09:46:53 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 09:45:53 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 09:44:53 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 09:43:53 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 09:42:53 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 09:41:53 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered


System errors:
=============
Error: (05/22/2015 08:22:52 PM)

(Source: DCOM) (EventID: 10010)

(User: )
Description: {995C996E-D918-4A8C-

A302-45719A6F4EA7}

Error: (05/22/2015 04:09:22 PM)

(Source: Service Control Manager)

(EventID: 7026) (User: )
Description: The following boot-start

or system-start driver(s) failed to

load:
qknfd

Error: (05/22/2015 04:09:20 PM)

(Source: Service Control Manager)

(EventID: 7024) (User: )
Description: The AVGIDSAgent service

terminated with service-specific error

%%-536753637.

Error: (05/22/2015 03:55:44 PM)

(Source: Service Control Manager)

(EventID: 7026) (User: )
Description: The following boot-start

or system-start driver(s) failed to

load:
qknfd

Error: (05/22/2015 03:55:42 PM)

(Source: Service Control Manager)

(EventID: 7024) (User: )
Description: The AVGIDSAgent service

terminated with service-specific error

%%-536753637.

Error: (05/22/2015 04:36:15 AM)

(Source: Service Control Manager)

(EventID: 7026) (User: )
Description: The following boot-start

or system-start driver(s) failed to

load:
qknfd

Error: (05/22/2015 04:36:14 AM)

(Source: Service Control Manager)

(EventID: 7024) (User: )
Description: The AVGIDSAgent service

terminated with service-specific error

%%-536753637.

Error: (05/21/2015 04:38:17 PM)

(Source: Service Control Manager)

(EventID: 7011) (User: )
Description: A timeout (30000

milliseconds) was reached while

waiting for a transaction response

from the Netman service.

Error: (05/21/2015 07:49:17 AM)

(Source: Service Control Manager)

(EventID: 7011) (User: )
Description: A timeout (30000

milliseconds) was reached while

waiting for a transaction response

from the Netman service.

Error: (05/20/2015 07:38:52 PM)

(Source: Service Control Manager)

(EventID: 7026) (User: )
Description: The following boot-start

or system-start driver(s) failed to

load:
qknfd


Microsoft Office:
=======================

==
Error: (05/22/2015 09:50:53 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 09:49:53 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 09:48:53 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 09:47:53 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 09:46:53 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 09:45:53 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 09:44:53 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 09:43:53 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 09:42:53 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered

Error: (05/22/2015 09:41:53 PM)

(Source: SDWinSec.exe) (EventID: 0)

(User: )
Description: Class not registered


====================

Memory info

=======================

====

Processor: AMD Athlon(tm) II X4 620

Processor
Percentage of memory in use: 23%
Total physical RAM: 7935.23 MB
Available physical RAM: 6044.9 MB
Total Pagefile: 15868.68 MB
Available Pagefile: 13298.48 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

====================

Drives

=======================

=========

Drive c: (HP) (Fixed) (Total:584.07

GB) (Free:513.34 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed)

(Total:12 GB) (Free:2.18 GB) NTFS

==>[System with boot components

(obtained from reading drive)]
Drive e: (Pictures) (CDROM)

(Total:0.69 GB) (Free:0.08 GB) UDF

==================== MBR

& Partition Table

==================

=======================

=======================

==========
Disk: 0 (Size: 596.2 GB) (Disk ID:

1549F232)
Partition 1: (Active) - (Size=100 MB) -

(Type=07 NTFS)
Partition 2: (Not Active) - (Size=584.1

GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=12

GB) - (Type=07 NTFS)

==================== End

of log

=======================

=====

=====

 

[argus]

Please re-run Farbar, Farbar is here C:\Users\Sinnfamily\Downloads

 

[argus]

Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.

Running it on another one may cause damage and render the system unstable.

​

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

• Right-click on
  
  icon and select
  
  Run as Administrator to start the tool.
  (XP users click run after receipt of Windows Security Warning - Open File).
• Press the Fix button just once and wait.
• If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
• When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.

 

[LovesHounds]

Here is the new one

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-05-2015
Ran by Sinnfamily (administrator) on SINNFAMILY-PC on 22-05-2015 22:26:19
Running from C:\Users\Sinnfamily\Downloads
Loaded Profiles: Sinnfamily (Available profiles: Sinnfamily)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745232 2015-04-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-20] (Avast Software s.r.o.)
HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-20] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {1235B3BB-2B63-4F90-BA16-37F536739926} URL = http://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {BFE680F5-69D4-4A76-A974-C15503F8F00B} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {1235B3BB-2B63-4F90-BA16-37F536739926} URL = http://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {BFE680F5-69D4-4A76-A974-C15503F8F00B} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-20] (Avast Software s.r.o.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-20] (Avast Software s.r.o.)
BHO-x32: hpBHO Class -> {ABD3B5E1-B268-407B-A150-2641DAB8D898} -> C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll [2009-06-08] (AOL Products)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16] (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-27] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM-x32 - No Name - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - No File
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-2643768202-156854014-2583388340-1001 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-2643768202-156854014-2583388340-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-2643768202-156854014-2583388340-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {3107C2A8-9F0B-4404-A58B-21BD85268FBC} http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
DPF: HKLM-x32 {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.google.com/s/v/61.18/uploader2.cab
DPF: HKLM-x32 {49E67060-2C0D-415E-94C7-52A49F73B2F1} http://zone.msn.com/bingame/pppp/default/PiratePoppers.1.0.0.39.cab
DPF: HKLM-x32 {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} http://www.myheritage.com/Genoogle/Components/ActiveX/SearchEngineQuery.dll
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119b.cab
DPF: HKLM-x32 {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} http://zone.msn.com/bingame/chnz/default/mjolauncher.cab
DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: HKLM-x32 {9AA73F41-EC64-489E-9A73-9CD52E528BC4} http://zone.msn.com/binGame/ZAxRcMgr.cab
DPF: HKLM-x32 {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://zone.msn.com/BINGAME/POPCAPLOADER_V10.CAB
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://petsmartcharities.webex.com/client/T27LD/webex/ieatgpc1.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16] (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 173.225.144.10 173.225.144.70

FireFox:
========
FF ProfilePath: C:\Users\Sinnfamily\AppData\Roaming\Mozilla\Firefox\Profiles\4iuichbd.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage: https://www.facebook.com/?ref=logo
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2014-11-05] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2643768202-156854014-2583388340-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKU\S-1-5-21-2643768202-156854014-2583388340-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Sinnfamily\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2643768202-156854014-2583388340-1001: @talk.google.com/O1DPlugin -> C:\Users\Sinnfamily\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2643768202-156854014-2583388340-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Sinnfamily\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2643768202-156854014-2583388340-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Sinnfamily\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF user.js: detected! => C:\Users\Sinnfamily\AppData\Roaming\Mozilla\Firefox\Profiles\4iuichbd.default\user.js [2013-08-22]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2013-08-02] (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Sinnfamily\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Sinnfamily\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-08-22]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-20]

Chrome:
=======
CHR Profile: C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-04]
CHR Extension: (No Name) - C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbgbcgglihpocekaopnclahmonoolicp [2013-08-22]
CHR Extension: (Google Search) - C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-04]
CHR Extension: (Bookmark Manager) - C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-20]
CHR Extension: (Avast Online Security) - C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-20]
CHR Extension: (RealDownloader) - C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-08-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-19]
CHR Extension: (Hangouts) - C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-08-08]
CHR Extension: (Google Wallet) - C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Sinnfamily\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-20]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-20] (Avast Software s.r.o.)
S2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1517480 2015-04-15] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438032 2015-04-15] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)
R2 EFS; C:\Windows\SysWOW64\lsass.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
S3 KeyIso; C:\Windows\SysWOW64\lsass.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-05-18] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 Netlogon; C:\Windows\SysWOW64\lsass.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder)
R2 nvsvc; C:\Windows\SysWOW64\nvvsvc.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder)
S3 ProtectedStorage; C:\Windows\SysWOW64\lsass.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 SamSs; C:\Windows\SysWOW64\lsass.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 Spooler; C:\Windows\SysWOW64\spoolsv.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder)
S3 VaultSvc; C:\Windows\SysWOW64\lsass.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-20] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-20] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-20] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-20] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-20] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-20] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [67040 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [213984 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [344544 2015-03-11] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [137184 2015-04-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-04-07] (AVG Technologies CZ, s.r.o.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-06-22] ()
S1 qknfd; system32\drivers\qknfd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-22 22:26 - 2015-05-22 22:26 - 00020603 _____ () C:\Users\Sinnfamily\Downloads\FRST.txt
2015-05-21 21:21 - 2015-05-22 16:17 - 00093039 _____ () C:\Users\Sinnfamily\Desktop\FRST.txt
2015-05-21 21:21 - 2015-05-22 16:16 - 00040677 _____ () C:\Users\Sinnfamily\Desktop\Addition.txt
2015-05-21 20:35 - 2015-05-22 22:26 - 00000000 ____D () C:\FRST
2015-05-21 20:34 - 2015-05-21 20:34 - 02108416 _____ (Farbar) C:\Users\Sinnfamily\Downloads\FRST64.exe
2015-05-21 20:21 - 2015-05-21 20:22 - 00465432 _____ () C:\Users\Sinnfamily\Downloads\ESETPoweliksCleaner.exe_20150521.202107.4028.log
2015-05-21 20:21 - 2015-05-21 20:21 - 00000022 _____ () C:\Users\Sinnfamily\Downloads\ESETPoweliksCleaner.exe_20150521.202107.4028.zip
2015-05-21 20:19 - 2015-05-21 20:19 - 00221384 _____ (ESET) C:\Users\Sinnfamily\Downloads\ESETPoweliksCleaner.exe
2015-05-20 19:51 - 2015-05-20 19:52 - 00001484 _____ () C:\Windows\IE11_main.log
2015-05-20 19:51 - 2015-05-20 19:51 - 55915216 _____ (Microsoft Corporation) C:\Users\Sinnfamily\Downloads\IE11-Windows6.1-x64-en-us.exe
2015-05-20 18:27 - 2015-05-20 18:27 - 00000000 ____D () C:\Users\Sinnfamily\AppData\Roaming\AVAST Software
2015-05-20 18:26 - 2015-05-20 18:26 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-20 18:26 - 2015-05-20 18:26 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-20 18:26 - 2015-05-20 18:26 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-20 18:26 - 2015-05-20 18:26 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-20 18:26 - 2015-05-20 18:26 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-20 18:26 - 2015-05-20 18:26 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-20 18:26 - 2015-05-20 18:26 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-20 18:26 - 2015-05-20 18:26 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-20 18:26 - 2015-05-20 18:26 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-20 18:26 - 2015-05-20 18:26 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-20 18:26 - 2015-05-20 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-20 18:25 - 2015-05-20 18:25 - 00000000 ____D () C:\Program Files\AVAST Software
2015-05-20 18:24 - 2015-05-20 18:24 - 05481336 _____ (Avast Software s.r.o.) C:\Users\Sinnfamily\Downloads\avast_free_antivirus_setup_online_cnet.exe
2015-05-20 18:24 - 2015-05-20 18:24 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-20 16:54 - 2015-05-20 16:54 - 00347816 _____ (Microsoft Corporation) C:\Users\Sinnfamily\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.135558928799315.1.4.Run.exe
2015-05-20 16:43 - 2015-05-20 16:43 - 00347816 _____ (Microsoft Corporation) C:\Users\Sinnfamily\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.Run (2).exe
2015-05-20 16:38 - 2015-05-20 16:38 - 00347816 _____ (Microsoft Corporation) C:\Users\Sinnfamily\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.Run (1).exe
2015-05-20 16:34 - 2015-05-20 16:34 - 00039148 _____ () C:\Users\Sinnfamily\Downloads\ResultReport.html
2015-05-20 16:33 - 2015-05-20 16:44 - 00000000 ____D () C:\MATS
2015-05-20 16:32 - 2015-05-20 16:32 - 00347816 _____ (Microsoft Corporation) C:\Users\Sinnfamily\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.Run.exe
2015-05-20 15:52 - 2015-05-22 16:28 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-20 15:51 - 2015-05-20 16:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-20 15:51 - 2015-05-20 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-20 15:51 - 2015-05-20 15:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-20 15:51 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-20 15:51 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-20 15:51 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-20 15:50 - 2015-05-20 15:50 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Sinnfamily\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-20 10:40 - 2015-05-20 10:40 - 00073896 _____ () C:\Users\Sinnfamily\Downloads\[SURVEY PREVIEW MODE] Spring into Summer Feedback 2014 Survey Last years.htm
2015-05-20 10:32 - 2015-05-22 16:09 - 00000616 _____ () C:\Windows\setupact.log
2015-05-20 10:32 - 2015-05-22 15:55 - 00079622 _____ () C:\Windows\PFRO.log
2015-05-20 10:32 - 2015-05-20 10:32 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-20 09:46 - 2015-05-20 09:46 - 00003874 _____ () C:\Windows\System32\Tasks\Google Update
2015-05-20 09:46 - 2015-05-20 09:46 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager
2015-05-20 09:37 - 2015-05-20 09:37 - 00000000 ____D () C:\Users\Sinnfamily\AppData\Local\Avg
2015-05-17 14:05 - 2015-05-21 06:17 - 00000000 ____D () C:\Users\Sinnfamily\Desktop\Tre shower
2015-05-17 12:27 - 2015-05-17 12:27 - 00403453 _____ () C:\Users\Sinnfamily\Documents\Tom Daddy game.ods
2015-05-17 12:18 - 2015-05-17 12:18 - 00073896 _____ () C:\Users\Sinnfamily\Desktop\[SURVEY PREVIEW MODE] Spring into Summer Feedback 2014 Survey Last years.htm
2015-05-14 18:10 - 2015-05-17 04:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-13 16:02 - 2015-05-13 16:02 - 00010896 _____ () C:\Users\Sinnfamily\Desktop\upcoming events.odt
2015-05-13 03:03 - 2015-05-01 08:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 03:03 - 2015-05-01 08:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 14:49 - 2015-05-04 20:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-12 14:49 - 2015-05-04 20:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-12 14:49 - 2015-04-21 21:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-12 14:49 - 2015-04-21 20:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-12 14:49 - 2015-04-21 12:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-12 14:49 - 2015-04-21 12:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-12 14:49 - 2015-04-21 12:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-12 14:49 - 2015-04-21 11:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-12 14:49 - 2015-04-21 11:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-12 14:49 - 2015-04-21 11:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-12 14:49 - 2015-04-21 11:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-12 14:49 - 2015-04-21 11:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-12 14:49 - 2015-04-21 11:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-12 14:49 - 2015-04-21 11:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-12 14:49 - 2015-04-21 11:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-12 14:49 - 2015-04-21 11:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-12 14:49 - 2015-04-21 11:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-12 14:49 - 2015-04-21 11:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-12 14:49 - 2015-04-21 11:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-12 14:49 - 2015-04-21 11:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-12 14:49 - 2015-04-21 11:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-12 14:49 - 2015-04-21 11:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-12 14:49 - 2015-04-21 11:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-12 14:49 - 2015-04-21 11:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-12 14:49 - 2015-04-21 11:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-12 14:49 - 2015-04-21 11:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-12 14:49 - 2015-04-21 11:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-12 14:49 - 2015-04-21 11:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-12 14:49 - 2015-04-21 11:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-12 14:49 - 2015-04-21 11:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-12 14:49 - 2015-04-21 11:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-12 14:49 - 2015-04-21 11:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-12 14:49 - 2015-04-21 11:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-12 14:49 - 2015-04-21 11:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-12 14:49 - 2015-04-21 11:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-12 14:49 - 2015-04-21 11:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-12 14:49 - 2015-04-21 11:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-12 14:49 - 2015-04-21 11:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-12 14:49 - 2015-04-21 10:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-12 14:49 - 2015-04-21 10:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-12 14:49 - 2015-04-21 10:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-12 14:49 - 2015-04-21 10:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-12 14:49 - 2015-04-21 10:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-12 14:49 - 2015-04-21 10:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-12 14:49 - 2015-04-21 10:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-12 14:49 - 2015-04-21 10:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-12 14:49 - 2015-04-21 10:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-12 14:49 - 2015-04-21 10:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-12 14:49 - 2015-04-21 10:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-12 14:49 - 2015-04-21 10:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-12 14:49 - 2015-04-21 10:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-12 14:49 - 2015-04-21 10:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-12 14:49 - 2015-04-21 10:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-12 14:49 - 2015-04-21 10:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-12 14:49 - 2015-04-21 10:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-12 14:49 - 2015-04-21 10:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-12 14:49 - 2015-04-21 10:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-12 14:49 - 2015-04-21 10:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-12 14:49 - 2015-04-21 10:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-12 14:49 - 2015-04-21 10:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-12 14:49 - 2015-04-21 09:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-12 14:49 - 2015-04-21 09:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-12 14:49 - 2015-04-17 22:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-12 14:49 - 2015-04-17 21:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-12 14:49 - 2015-04-12 22:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-12 14:48 - 2015-04-27 14:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-12 14:48 - 2015-04-27 14:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-12 14:48 - 2015-04-27 14:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-12 14:48 - 2015-04-27 14:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-12 14:48 - 2015-04-27 14:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-12 14:48 - 2015-04-27 14:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-12 14:48 - 2015-04-27 14:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-12 14:48 - 2015-04-27 14:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-12 14:48 - 2015-04-27 14:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-12 14:48 - 2015-04-27 14:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-12 14:48 - 2015-04-27 14:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-12 14:48 - 2015-04-27 14:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-12 14:48 - 2015-04-27 14:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-12 14:48 - 2015-04-27 14:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-12 14:48 - 2015-04-27 14:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-12 14:48 - 2015-04-27 14:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-12 14:48 - 2015-04-27 14:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 14:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-12 14:48 - 2015-04-27 14:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-12 14:48 - 2015-04-27 14:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-12 14:48 - 2015-04-27 14:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-12 14:48 - 2015-04-27 14:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-12 14:48 - 2015-04-27 14:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-12 14:48 - 2015-04-27 14:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-12 14:48 - 2015-04-27 14:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-12 14:48 - 2015-04-27 14:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-12 14:48 - 2015-04-27 14:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-12 14:48 - 2015-04-27 14:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-12 14:48 - 2015-04-27 14:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-12 14:48 - 2015-04-27 14:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-12 14:48 - 2015-04-27 14:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-12 14:48 - 2015-04-27 14:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-12 14:48 - 2015-04-27 14:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-12 14:48 - 2015-04-27 14:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-12 14:48 - 2015-04-27 14:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-12 14:48 - 2015-04-27 14:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-12 14:48 - 2015-04-27 14:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-12 14:48 - 2015-04-27 14:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-12 14:48 - 2015-04-27 14:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-12 14:48 - 2015-04-27 14:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-12 14:48 - 2015-04-27 14:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-12 14:48 - 2015-04-27 14:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-12 14:48 - 2015-04-27 14:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-12 14:48 - 2015-04-27 14:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-12 14:48 - 2015-04-27 14:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 13:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-12 14:48 - 2015-04-27 12:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-12 14:48 - 2015-04-27 12:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-12 14:48 - 2015-04-27 12:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 12:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 12:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-12 14:48 - 2015-04-27 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-12 14:48 - 2015-04-19 22:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-12 14:48 - 2015-04-19 22:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-12 14:48 - 2015-04-19 21:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-12 14:48 - 2015-04-19 21:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-12 14:48 - 2015-04-07 22:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-12 14:48 - 2015-04-07 22:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-12 14:48 - 2015-04-07 22:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-12 14:48 - 2015-03-03 23:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-12 14:48 - 2015-03-03 23:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-12 14:48 - 2015-03-03 23:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-12 14:48 - 2015-03-03 23:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-12 14:48 - 2015-03-03 23:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-12 14:48 - 2015-03-03 23:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-12 14:48 - 2015-03-03 23:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-12 14:48 - 2015-02-18 02:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-12 14:48 - 2015-02-18 02:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-12 14:48 - 2015-01-28 22:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-12 14:48 - 2015-01-28 22:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-11 22:02 - 2015-05-11 22:02 - 00000298 _____ () C:\Users\Sinnfamily\Desktop\parking.txt
2015-05-09 23:33 - 2015-05-09 23:33 - 00000488 _____ () C:\Users\Sinnfamily\Desktop\setup for Heather.txt
2015-05-07 19:04 - 2015-05-15 04:21 - 00020716 _____ () C:\Users\Sinnfamily\Desktop\planning.ods
2015-05-07 15:32 - 2015-05-07 15:32 - 00188416 _____ () C:\Users\Sinnfamily\Desktop\certificate-of-participation-1.pot
2015-04-27 10:01 - 2015-04-27 10:01 - 00000049 _____ () C:\Users\Sinnfamily\Desktop\link to JSA womans page.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-22 22:10 - 2014-12-31 22:06 - 00000348 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-05-22 22:00 - 2013-06-13 11:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-22 21:59 - 2011-02-15 13:35 - 00000928 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2643768202-156854014-2583388340-1001UA.job
2015-05-22 21:49 - 2011-09-21 15:49 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-22 20:46 - 2009-11-26 12:46 - 01296714 _____ () C:\Windows\WindowsUpdate.log
2015-05-22 18:20 - 2010-03-28 20:32 - 00000000 ____D () C:\Users\Sinnfamily\Desktop\Michelle stuff
2015-05-22 16:17 - 2009-07-13 23:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-22 16:17 - 2009-07-13 23:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-22 16:14 - 2009-07-14 00:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-22 16:10 - 2013-03-20 10:23 - 00000412 _____ () C:\Windows\Tasks\FreeFileViewerUpdateChecker.job
2015-05-22 16:10 - 2011-09-21 15:49 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-22 16:09 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-22 15:54 - 2011-02-15 13:35 - 00000876 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2643768202-156854014-2583388340-1001Core.job
2015-05-21 19:58 - 2009-12-20 10:43 - 00000000 ____D () C:\Users\Sinnfamily\AppData\Roaming\Adobe
2015-05-21 06:23 - 2011-11-11 21:22 - 00000114 _____ () C:\Users\Sinnfamily\jobq.dat
2015-05-21 06:22 - 2015-01-29 23:21 - 00000000 ____D () C:\Users\Sinnfamily\Desktop\2015 SIS
2015-05-21 06:18 - 2011-04-11 23:59 - 00000000 ____D () C:\Users\Sinnfamily\Desktop\Family tree
2015-05-21 06:17 - 2014-01-17 20:26 - 00000000 ____D () C:\Users\Sinnfamily\Desktop\SIS 2014
2015-05-21 06:17 - 2010-12-11 22:17 - 00000000 ____D () C:\Users\Sinnfamily\Desktop\BBR handouts & interview stuff
2015-05-20 19:48 - 2010-09-17 22:46 - 00000000 ____D () C:\Users\Sinnfamily\Desktop\New folder
2015-05-20 16:41 - 2010-09-30 09:14 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-20 16:13 - 2011-04-09 20:27 - 00000000 ____D () C:\Windows\RegisteredPackages
2015-05-20 16:12 - 2014-02-16 13:40 - 00000000 ____D () C:\Program Files\Conduit
2015-05-20 16:12 - 2014-02-16 13:40 - 00000000 ____D () C:\Program Files (x86)\Conduit
2015-05-20 15:34 - 2012-01-01 11:18 - 00000000 ____D () C:\Windows\pss
2015-05-20 10:32 - 2014-12-13 20:32 - 00000352 _____ () C:\Windows\Tasks\HPCeeScheduleForSinnfamily.job
2015-05-20 09:45 - 2011-01-10 18:38 - 00000000 ____D () C:\Users\Sinnfamily\AppData\Roaming\Skype
2015-05-20 09:45 - 2009-12-21 17:00 - 00000000 ____D () C:\Users\Sinnfamily\AppData\Roaming\HpUpdate
2015-05-20 09:45 - 2009-08-21 14:36 - 00000000 ____D () C:\ProgramData\Temp
2015-05-20 09:45 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-05-20 09:40 - 2012-10-06 19:07 - 00000000 ____D () C:\ProgramData\AVG
2015-05-20 09:39 - 2011-11-04 00:29 - 00000000 ____D () C:\Users\Sinnfamily\AppData\Roaming\AVG
2015-05-20 09:39 - 2010-02-21 19:42 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-05-20 08:10 - 2014-12-13 20:32 - 00003216 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForSinnfamily
2015-05-20 07:56 - 2009-07-14 00:08 - 00032560 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-19 18:32 - 2012-04-08 14:23 - 00000000 ____D () C:\Users\Sinnfamily\Desktop\BBR2012
2015-05-19 18:10 - 2015-04-05 03:01 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-19 18:10 - 2015-04-05 03:01 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-18 15:30 - 2011-04-09 20:27 - 00000000 ____D () C:\Users\Sinnfamily\Documents\Family Tree Maker
2015-05-17 04:54 - 2011-02-15 13:35 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2643768202-156854014-2583388340-1001UA
2015-05-17 04:54 - 2011-02-15 13:35 - 00003512 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2643768202-156854014-2583388340-1001Core
2015-05-17 04:28 - 2014-02-14 21:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-16 19:27 - 2015-03-01 00:55 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-05-15 15:44 - 2011-09-21 15:49 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 15:44 - 2011-09-21 15:49 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-13 06:53 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2015-05-13 03:36 - 2009-07-13 23:45 - 00359008 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 03:35 - 2013-03-14 03:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-13 03:35 - 2013-03-14 03:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 03:32 - 2009-07-14 02:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 03:32 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-13 03:13 - 2013-08-01 03:05 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 03:08 - 2009-12-23 06:44 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 03:03 - 2013-03-14 03:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-11 08:30 - 2012-08-08 23:54 - 00000000 ____D () C:\Users\Sinnfamily\Desktop\Newletter
2015-05-04 09:08 - 2010-01-14 19:11 - 00000000 ____D () C:\Users\Sinnfamily\Desktop\Bills paid
2015-05-04 08:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-04 07:48 - 2010-04-20 06:30 - 00000000 ____D () C:\Users\Sinnfamily\Desktop\Scot's stuff
2015-05-04 07:46 - 2009-12-20 13:58 - 00029720 _____ () C:\Users\Sinnfamily\AppData\Roaming\wklnhst.dat
2015-04-30 16:38 - 2009-12-20 18:16 - 00000552 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
2015-04-30 07:06 - 2014-03-31 12:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-04-27 11:37 - 2013-10-22 08:27 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-27 11:37 - 2010-04-02 05:20 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-27 11:36 - 2014-10-20 16:51 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

==================== Files in the root of some directories =======

2014-11-28 06:27 - 2015-03-12 23:04 - 0000115 _____ () C:\Users\Sinnfamily\AppData\Roaming\LogFile.txt
2009-12-20 13:58 - 2015-05-04 07:46 - 0029720 _____ () C:\Users\Sinnfamily\AppData\Roaming\wklnhst.dat
2011-10-04 16:39 - 2014-03-11 08:40 - 0123098 _____ () C:\Users\Sinnfamily\AppData\Local\ars.cache
2011-10-04 16:39 - 2014-03-11 08:40 - 1687450 _____ () C:\Users\Sinnfamily\AppData\Local\census.cache
2010-01-21 22:06 - 2010-01-21 22:06 - 0000036 _____ () C:\Users\Sinnfamily\AppData\Local\housecall.guid.cache
2011-11-04 15:30 - 2012-03-02 15:37 - 0007616 _____ () C:\Users\Sinnfamily\AppData\Local\Resmon.ResmonCfg
2014-03-11 08:09 - 2014-03-11 08:09 - 0000010 _____ () C:\Users\Sinnfamily\AppData\Local\sponge.last.runtime.cache
2012-07-02 13:31 - 2012-07-02 13:31 - 2799039 _____ () C:\Users\Sinnfamily\AppData\Local\tmp008.JPG
2012-08-06 12:29 - 2012-08-06 12:30 - 2124933 _____ () C:\Users\Sinnfamily\AppData\Local\tmp1.JPG
2011-03-22 12:37 - 2011-03-22 12:37 - 0083509 _____ () C:\Users\Sinnfamily\AppData\Local\tmp162721_1808201247450_1312501035_2079019_43889_N[1].JPG
2011-08-23 20:28 - 2011-08-23 20:28 - 0014004 _____ () C:\Users\Sinnfamily\AppData\Local\tmp168319_1869646863991_1325676592_2419376_8148056_N.JPG
2012-04-18 11:45 - 2012-04-18 11:45 - 1242447 _____ () C:\Users\Sinnfamily\AppData\Local\tmp2012-04-17_21-38-59_182.0
2012-04-18 11:45 - 2012-04-18 11:45 - 0499522 _____ () C:\Users\Sinnfamily\AppData\Local\tmp2012-04-17_21-38-59_182.JPG
2012-10-23 11:40 - 2012-10-23 11:40 - 1284650 _____ () C:\Users\Sinnfamily\AppData\Local\tmp20120205PARADE AWARD0001.0
2012-10-23 11:40 - 2012-10-23 11:40 - 0833582 _____ () C:\Users\Sinnfamily\AppData\Local\tmp20120205PARADE AWARD0001.JPG
2011-05-08 17:02 - 2011-05-08 17:02 - 0012434 _____ () C:\Users\Sinnfamily\AppData\Local\tmp222240_158756360853195_100001564965041_380420_6001237_N.JPG
2011-06-18 23:29 - 2011-06-18 23:29 - 0276955 _____ () C:\Users\Sinnfamily\AppData\Local\tmp257237_117407341680488_100002336692814_156079_3039679_O.0
2011-06-18 23:29 - 2011-06-18 23:29 - 0247997 _____ () C:\Users\Sinnfamily\AppData\Local\tmp257237_117407341680488_100002336692814_156079_3039679_O.JPG
2012-10-28 12:49 - 2012-10-28 12:49 - 0040236 _____ () C:\Users\Sinnfamily\AppData\Local\tmp2B98A1C0D66B.JPG
2012-07-23 17:15 - 2012-07-23 17:15 - 0042681 _____ () C:\Users\Sinnfamily\AppData\Local\tmp530065_10151032695518389_1500591922_N.JPG
2011-10-04 09:19 - 2011-10-04 09:19 - 0105908 _____ () C:\Users\Sinnfamily\AppData\Local\tmp533706_DEFAULT.JPG
2011-03-22 12:30 - 2011-03-22 12:30 - 0044793 _____ () C:\Users\Sinnfamily\AppData\Local\tmp6776_1225016944450_1199798880_30669952_5465887_N[1].JPG
2012-03-04 15:59 - 2012-03-04 15:59 - 0007307 _____ () C:\Users\Sinnfamily\AppData\Local\tmp70760_100000487607807_1907060964_N.0
2012-03-04 15:59 - 2012-03-04 15:59 - 0007478 _____ () C:\Users\Sinnfamily\AppData\Local\tmp70760_100000487607807_1907060964_N.1
2012-03-04 15:59 - 2012-03-04 15:59 - 0007635 _____ () C:\Users\Sinnfamily\AppData\Local\tmp70760_100000487607807_1907060964_N.JPG
2012-08-08 12:22 - 2012-08-08 12:22 - 0145542 _____ () C:\Users\Sinnfamily\AppData\Local\tmpBO0222.JPG
2010-06-14 19:30 - 2010-06-14 19:30 - 3815225 _____ () C:\Users\Sinnfamily\AppData\Local\tmpCURIOSITY[1].0
2010-06-14 19:30 - 2010-06-14 19:30 - 0749501 _____ () C:\Users\Sinnfamily\AppData\Local\tmpCURIOSITY[1].JPG
2012-08-12 10:03 - 2012-08-12 10:03 - 0078042 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDFJJDAYS.0
2012-08-12 10:03 - 2012-08-12 10:03 - 0073577 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDFJJDAYS.JPG
2012-08-04 13:50 - 2012-08-04 13:50 - 3744944 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDOTTY 2.JPG
2012-04-29 15:45 - 2012-04-29 15:45 - 3795290 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0066.JPG
2012-04-29 15:46 - 2012-04-29 15:46 - 4073377 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0067.JPG
2012-04-29 15:48 - 2012-04-29 15:48 - 3826196 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0068.JPG
2012-04-29 16:15 - 2012-04-29 16:15 - 3979096 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0069.JPG
2012-04-29 16:16 - 2012-04-29 16:16 - 3860447 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0071.JPG
2012-06-07 20:05 - 2012-06-07 20:05 - 1324937 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0113.0
2012-06-07 20:05 - 2012-06-07 20:05 - 1134693 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0113.JPG
2012-06-07 20:06 - 2012-06-07 20:10 - 1169968 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0114.0
2012-06-07 20:10 - 2012-06-07 20:10 - 1165070 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0114.JPG
2012-06-07 20:07 - 2012-06-07 20:07 - 1132928 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0115.0
2012-06-07 20:07 - 2012-06-07 20:07 - 1466839 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0115.JPG
2012-06-07 20:03 - 2012-06-07 20:03 - 1344625 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0121.0
2012-06-07 20:03 - 2012-06-07 20:03 - 0922643 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0121.JPG
2012-06-07 20:02 - 2012-06-07 20:02 - 1354697 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0126.0
2012-06-07 20:02 - 2012-06-07 20:02 - 0861878 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0126.JPG
2012-06-07 23:55 - 2012-06-07 23:55 - 3874104 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0129.JPG
2012-06-07 23:56 - 2012-06-07 23:56 - 0293557 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0129_CROP.JPG
2012-07-30 23:17 - 2012-07-30 23:17 - 3818272 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0222.0
2012-07-30 23:17 - 2012-07-30 23:17 - 1247679 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0222.1
2012-07-30 23:17 - 2012-07-30 23:17 - 1317022 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0222.JPG
2012-07-30 23:18 - 2012-07-30 23:18 - 3680209 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0223.0
2012-07-30 23:18 - 2012-07-30 23:18 - 1890416 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0223.JPG
2012-07-30 23:20 - 2012-07-30 23:20 - 4060088 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0224.0
2012-07-30 23:20 - 2012-07-30 23:20 - 1670553 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0224.JPG
2012-07-30 23:21 - 2012-07-30 23:21 - 3876040 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0225.0
2012-07-30 23:21 - 2012-07-30 23:21 - 1243214 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0225.JPG
2012-07-30 23:15 - 2012-07-30 23:15 - 3911025 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0228.0
2012-07-30 23:15 - 2012-07-30 23:15 - 1859570 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0228.JPG
2012-07-30 23:13 - 2012-07-30 23:13 - 3925542 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0230.0
2012-07-30 23:13 - 2012-07-30 23:13 - 1701643 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0230.JPG
2012-07-30 23:14 - 2012-07-30 23:14 - 3777079 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0231.0
2012-07-30 23:14 - 2012-07-30 23:14 - 1903590 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0231.JPG
2012-12-16 13:17 - 2012-12-16 13:17 - 2699209 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0423.0
2012-12-16 13:17 - 2012-12-16 13:17 - 0981494 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0423.JPG
2012-12-16 13:16 - 2012-12-16 13:16 - 2344082 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0427.JPG
2013-06-15 18:54 - 2013-06-15 18:54 - 3845545 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0646.JPG
2013-06-15 18:55 - 2013-06-15 18:55 - 3825319 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0648.JPG
2013-06-15 18:55 - 2013-06-15 18:55 - 3655438 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0654.JPG
2013-06-15 18:52 - 2013-06-15 18:52 - 3813732 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0657.JPG
2013-06-15 18:53 - 2013-06-15 18:53 - 3520275 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0661.JPG
2013-06-15 18:50 - 2013-06-15 18:50 - 3700495 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0662.JPG
2013-06-23 09:23 - 2013-06-23 09:23 - 3881342 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0669.JPG
2013-06-23 09:12 - 2013-06-23 09:12 - 4069139 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0683.JPG
2013-06-23 09:01 - 2013-06-23 09:01 - 3776503 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0692.JPG
2013-06-23 09:09 - 2013-06-23 09:09 - 3918280 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0693.JPG
2013-06-23 09:11 - 2013-06-23 09:11 - 4029641 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0694.JPG
2013-06-23 09:08 - 2013-06-23 09:08 - 3801721 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0695.JPG
2013-06-23 09:03 - 2013-06-23 09:03 - 4034112 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0696.0
2013-06-23 09:03 - 2013-06-23 09:03 - 1620362 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0696.JPG
2013-06-23 09:15 - 2013-06-23 09:15 - 3963372 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0699.JPG
2013-06-23 09:16 - 2013-06-23 09:16 - 3879562 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0700.JPG
2013-07-08 07:39 - 2013-07-08 07:39 - 4196228 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0709.JPG
2013-07-21 19:46 - 2013-07-21 19:46 - 3824830 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0757.JPG
2013-07-21 19:59 - 2013-07-21 19:59 - 4239298 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0766.JPG
2013-07-21 19:55 - 2013-07-21 19:55 - 3935137 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0775.0
2013-07-21 19:55 - 2013-07-21 19:55 - 1589176 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0775.JPG
2013-07-21 19:58 - 2013-07-21 19:58 - 3579938 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0777.0
2013-07-21 19:58 - 2013-07-21 19:58 - 1970441 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0777.JPG
2013-07-21 19:48 - 2013-07-21 19:48 - 3807746 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0779.0
2013-07-21 19:48 - 2013-07-21 19:48 - 1027164 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0779.JPG
2013-08-08 22:59 - 2013-08-08 22:59 - 3565728 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0824.JPG
2012-10-21 13:52 - 2012-10-21 13:52 - 2325452 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF0878.JPG
2010-01-16 21:18 - 2010-01-16 21:18 - 2048379 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1417.JPG
2010-07-10 09:40 - 2010-07-10 09:40 - 1265628 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1469.JPG
2010-05-31 07:57 - 2010-05-31 07:57 - 1277265 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1487.JPG
2010-05-31 07:42 - 2010-05-31 07:42 - 1272013 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1541.JPG
2010-06-06 09:18 - 2010-06-06 09:18 - 1263599 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1549.JPG
2010-06-06 09:20 - 2010-06-06 09:20 - 1301262 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1551.JPG
2010-06-06 09:22 - 2010-06-06 09:22 - 1306984 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1553.0
2010-06-06 09:22 - 2010-06-06 09:22 - 0547400 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1553.JPG
2010-06-06 09:23 - 2010-06-06 09:23 - 1309557 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1557.0
2010-06-06 09:23 - 2010-06-06 09:23 - 0473630 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1557.JPG
2010-06-06 09:25 - 2010-06-06 09:25 - 1267254 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1565.0
2010-06-06 09:25 - 2010-06-06 09:25 - 0594259 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1565.JPG
2010-06-06 09:27 - 2010-06-06 09:27 - 1339875 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1568.0
2010-06-06 09:27 - 2010-06-06 09:27 - 0520586 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1568.JPG
2010-06-06 09:29 - 2010-06-06 09:29 - 1280711 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1569.0
2010-06-06 09:29 - 2010-06-06 09:29 - 0518193 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1569.JPG
2010-06-06 09:30 - 2010-06-06 09:30 - 1274621 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1570.0
2010-06-06 09:30 - 2010-06-06 09:30 - 0599313 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1570.JPG
2010-06-06 09:32 - 2010-06-06 09:32 - 1304661 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1572.0
2010-06-06 09:32 - 2010-06-06 09:32 - 0564461 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1572.JPG
2010-06-06 09:33 - 2010-06-06 09:33 - 1300830 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1578.JPG
2010-08-22 20:39 - 2010-08-22 20:39 - 0121084 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1640.JPG
2010-08-22 20:44 - 2010-08-22 20:44 - 0117011 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1644.JPG
2010-08-22 20:41 - 2010-08-22 20:41 - 0117101 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1654.JPG
2010-08-30 11:06 - 2010-08-30 11:06 - 0122993 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1695.0
2010-08-30 11:06 - 2010-08-30 11:06 - 0060817 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1695.JPG
2010-09-06 18:15 - 2010-09-06 18:15 - 0124348 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1714.0
2010-09-06 18:15 - 2010-09-06 18:15 - 0108811 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1714.JPG
2010-09-06 18:22 - 2010-09-06 18:22 - 0118396 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1739.JPG
2010-09-06 18:20 - 2010-09-06 18:20 - 0118228 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1742.JPG
2010-09-06 18:21 - 2010-09-06 18:21 - 0114721 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1743.0
2010-09-06 18:21 - 2010-09-06 18:21 - 0041374 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1743.JPG
2010-09-06 18:19 - 2010-09-06 18:19 - 0118885 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1744.0
2010-09-06 18:19 - 2010-09-06 18:19 - 0045942 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1744.JPG
2010-09-07 12:21 - 2010-09-07 12:21 - 0120370 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1745.0
2010-09-07 12:21 - 2010-09-07 12:21 - 0052945 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1745.JPG
2010-09-07 12:24 - 2010-09-07 12:24 - 0114235 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1747.0
2010-09-07 12:24 - 2010-09-07 12:24 - 0040090 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1747.1
2010-09-07 12:24 - 2010-09-07 12:24 - 0041416 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1747.JPG
2010-10-03 18:18 - 2010-10-03 18:18 - 0119938 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1773.JPG
2010-12-19 18:29 - 2010-12-19 18:28 - 1293192 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1852.0
2010-12-19 18:29 - 2010-12-19 18:29 - 0614563 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1852.1
2010-12-19 18:29 - 2010-12-19 18:29 - 0614469 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1852.JPG
2010-12-19 18:27 - 2010-12-19 18:27 - 1280704 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1876.0
2010-12-19 18:27 - 2010-12-19 18:27 - 0580990 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1876.1
2010-12-19 18:27 - 2010-12-19 18:27 - 0580948 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1876.2
2010-12-19 18:27 - 2010-12-19 18:27 - 0580913 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1876.3
2010-12-19 18:27 - 2010-12-19 18:27 - 0580919 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1876.JPG
2010-12-24 22:15 - 2010-12-24 22:15 - 1305656 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1901.0
2010-12-24 22:15 - 2010-12-24 22:15 - 0567634 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1901.1
2010-12-24 22:16 - 2010-12-24 22:15 - 0567657 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1901.2
2010-12-24 22:16 - 2010-12-24 22:16 - 0567635 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1901.3
2010-12-24 22:16 - 2010-12-24 22:16 - 0567637 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1901.JPG
2010-12-24 22:14 - 2010-12-24 22:14 - 1277706 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1905.0
2010-12-24 22:14 - 2010-12-24 22:14 - 0599806 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1905.1
2010-12-24 22:14 - 2010-12-24 22:14 - 0599755 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1905.JPG
2011-01-07 00:56 - 2011-01-07 00:56 - 1284286 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1916.0
2011-01-07 00:56 - 2011-01-07 00:56 - 0611358 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1916.JPG
2011-02-05 01:04 - 2011-02-05 01:04 - 1306128 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1935.JPG
2011-02-05 01:06 - 2011-02-05 01:06 - 1310801 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1938.JPG
2011-02-05 01:07 - 2011-02-05 01:07 - 1283349 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1939.JPG
2011-02-05 01:09 - 2011-02-05 01:09 - 1268925 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1941.JPG
2011-02-05 01:10 - 2011-02-05 01:10 - 1267643 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1942.JPG
2011-02-05 01:11 - 2011-02-05 01:11 - 1284254 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1943.JPG
2011-02-05 01:13 - 2011-02-05 01:14 - 1301055 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1947.0
2011-02-05 01:14 - 2011-02-05 01:14 - 0466224 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1947.JPG
2011-02-05 01:15 - 2011-02-05 01:15 - 1293138 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1949.0
2011-02-05 01:15 - 2011-02-05 01:15 - 0472954 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1949.JPG
2011-02-05 01:16 - 2011-02-05 01:16 - 1259107 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1950.0
2011-02-05 01:17 - 2011-02-05 01:16 - 0437101 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1950.JPG
2011-02-05 01:17 - 2011-02-05 01:17 - 1282235 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1954.JPG
2011-02-05 01:19 - 2011-02-05 01:19 - 1308872 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1960.JPG
2011-02-13 17:34 - 2011-02-13 17:34 - 1271178 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1963.JPG
2011-02-13 17:35 - 2011-02-13 17:35 - 1276081 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1964.JPG
2011-02-13 17:36 - 2011-02-13 17:36 - 1279742 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1965.JPG
2011-02-13 17:42 - 2011-02-13 17:42 - 1292904 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1972.0
2011-02-13 17:42 - 2011-02-13 17:42 - 0595188 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1972.JPG
2011-02-15 22:00 - 2011-02-15 22:00 - 1294126 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1986.JPG
2011-02-24 22:24 - 2011-02-24 22:24 - 1307352 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1991.0
2011-02-24 22:24 - 2011-02-24 22:24 - 0549948 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1991.JPG
2011-03-06 17:46 - 2011-03-06 17:46 - 1318782 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF1997.JPG
2011-03-06 17:43 - 2011-03-06 17:43 - 1332932 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2002.0
2011-03-06 17:43 - 2011-03-06 17:43 - 0510210 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2002.JPG
2011-03-06 17:44 - 2011-03-06 17:44 - 1316416 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2003.JPG
2011-03-07 09:34 - 2011-03-07 09:33 - 1274890 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2004.0
2011-03-07 09:34 - 2011-03-07 09:34 - 0789483 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2004.JPG
2011-03-07 21:53 - 2011-03-07 21:53 - 1274885 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2005.JPG
2011-03-07 21:52 - 2011-03-07 21:52 - 1267421 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2010.JPG
2011-03-07 21:56 - 2011-03-07 21:56 - 1273974 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2011.JPG
2011-03-07 21:57 - 2011-03-07 21:57 - 1277302 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2013.JPG
2011-03-07 21:54 - 2011-03-07 21:54 - 1293404 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2017.JPG
2011-04-16 20:51 - 2011-04-16 20:51 - 1315581 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2025.JPG
2011-04-16 20:51 - 2011-04-16 20:51 - 1292080 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2026.JPG
2011-04-16 20:49 - 2011-04-16 20:49 - 1314801 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2035.0
2011-04-16 20:49 - 2011-04-16 20:49 - 0599006 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2035.JPG
2011-04-25 15:20 - 2011-04-25 15:20 - 1307596 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2112.JPG
2011-04-30 22:38 - 2011-04-30 22:38 - 1298066 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2136.JPG
2011-04-30 22:39 - 2011-04-30 22:39 - 1322262 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2138.JPG
2011-04-30 22:40 - 2011-04-30 22:40 - 1309634 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2139.JPG
2011-04-30 22:41 - 2011-04-30 22:41 - 1322904 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2140.JPG
2011-06-12 13:52 - 2011-06-12 13:52 - 1262679 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2169.JPG
2011-06-12 13:55 - 2011-06-12 13:55 - 1279366 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2177.JPG
2011-06-12 13:49 - 2011-06-12 13:49 - 1261334 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2180.JPG
2011-06-12 13:50 - 2011-06-12 13:50 - 1293257 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2182.JPG
2011-06-17 22:31 - 2011-06-17 22:31 - 1321172 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2183.0
2011-06-17 22:31 - 2011-06-17 22:31 - 0509959 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2183.JPG
2011-06-19 22:04 - 2011-06-19 22:04 - 0116703 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2187.JPG
2011-06-19 22:05 - 2011-06-19 22:05 - 0116082 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2190.JPG
2011-06-19 22:01 - 2011-06-19 22:01 - 0117748 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2193.JPG
2011-06-19 22:03 - 2011-06-19 22:03 - 0117035 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2197.JPG
2011-06-19 22:06 - 2011-06-19 22:06 - 0118663 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2200.JPG
2011-07-18 13:17 - 2011-07-18 13:17 - 0123013 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2229.0
2011-07-18 13:17 - 2011-07-18 13:17 - 0068474 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2229.JPG
2011-08-29 17:35 - 2011-08-29 17:35 - 0120964 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2385.JPG
2011-09-11 20:25 - 2011-09-11 20:25 - 0122540 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2393.JPG
2011-09-11 20:24 - 2011-09-11 20:24 - 0125335 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2395.JPG
2011-09-11 20:26 - 2011-09-11 20:26 - 0123971 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2398.JPG
2011-09-11 20:29 - 2011-09-11 20:29 - 0119387 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2405.JPG
2011-09-11 20:32 - 2011-09-11 20:32 - 0118672 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2421.JPG
2011-09-18 17:40 - 2011-09-18 17:40 - 1304426 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2449.JPG
2011-09-18 17:43 - 2011-09-18 17:43 - 1288406 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2458.JPG
2011-09-18 17:44 - 2011-09-18 17:44 - 1312647 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2459.JPG
2011-10-10 13:12 - 2011-10-10 13:12 - 1273619 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2582.JPG
2011-10-04 10:50 - 2011-10-04 10:50 - 1300377 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2616.0
2011-10-04 10:50 - 2011-10-04 10:50 - 0466372 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2616.JPG
2011-10-04 10:44 - 2011-10-04 10:44 - 1256158 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2623.0
2011-10-04 10:44 - 2011-10-04 10:44 - 0675864 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2623.JPG
2011-10-04 10:46 - 2011-10-04 10:46 - 1271643 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2625.0
2011-10-04 10:46 - 2011-10-04 10:47 - 1271643 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2625.JPG
2011-10-04 10:43 - 2011-10-04 10:43 - 1297844 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2629.0
2011-10-04 10:43 - 2011-10-04 10:43 - 0418412 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2629.JPG
2011-10-04 10:41 - 2011-10-04 10:41 - 1315743 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2632.0
2011-10-04 10:41 - 2011-10-04 10:41 - 0397200 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2632.JPG
2011-10-04 10:40 - 2011-10-04 10:40 - 1276351 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2633.JPG
2011-10-04 10:27 - 2011-10-04 10:27 - 1295723 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2654.0
2011-10-04 10:27 - 2011-10-04 10:27 - 0733257 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2654.JPG
2011-10-04 10:30 - 2011-10-04 10:30 - 1290307 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2655.0
2011-10-04 10:30 - 2011-10-04 10:30 - 0377537 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2655.JPG
2011-10-04 10:33 - 2011-10-04 10:33 - 1311450 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2658.JPG
2011-10-29 11:52 - 2011-10-29 11:52 - 1274442 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2812.0
2011-10-29 11:52 - 2011-10-29 11:52 - 0623965 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2812.JPG
2011-10-31 20:11 - 2011-10-31 20:11 - 1326983 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2817.JPG
2011-10-31 20:12 - 2011-10-31 20:12 - 1275600 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2819.JPG
2011-12-01 12:04 - 2011-12-01 12:04 - 1307556 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2829.0
2011-12-01 12:04 - 2011-12-01 12:04 - 0534391 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2829.JPG
2011-12-07 14:08 - 2011-12-07 14:08 - 1342024 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2837.0
2011-12-07 14:08 - 2011-12-07 14:08 - 0568931 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2837.JPG
2011-12-06 10:04 - 2011-12-06 10:04 - 1297713 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2843.0
2011-12-06 10:04 - 2011-12-06 10:04 - 0603624 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2843.JPG
2011-12-06 10:06 - 2011-12-06 10:06 - 1279630 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2845.0
2011-12-06 10:06 - 2011-12-06 10:06 - 0592591 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2845.JPG
2011-12-12 01:27 - 2011-12-12 01:27 - 1285879 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2945.JPG
2011-12-21 21:58 - 2011-12-21 21:58 - 1267066 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2964.JPG
2011-12-24 23:13 - 2011-12-24 23:13 - 1274787 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2968.JPG
2012-01-05 16:19 - 2012-01-05 16:19 - 1278695 _____ () C:\Users\Sinnfamily\AppData\Local\tmpDSCF2969.JPG
2011-04-13 10:47 - 2011-04-13 10:47 - 0119017 _____ () C:\Users\Sinnfamily\AppData\Local\tmpEPSON002.0
2011-04-13 10:47 - 2011-04-13 10:47 - 0141870 _____ () C:\Users\Sinnfamily\AppData\Local\tmpEPSON002.JPG
2011-04-14 18:15 - 2011-04-14 18:15 - 0208217 _____ () C:\Users\Sinnfamily\AppData\Local\tmpEPSON003[1].JPG
2011-03-11 18:43 - 2011-03-11 18:43 - 0947202 _____ () C:\Users\Sinnfamily\AppData\Local\tmpEXPO_004[1].JPG
2011-10-26 10:51 - 2011-10-26 10:51 - 0178994 _____ () C:\Users\Sinnfamily\AppData\Local\tmpGRAVE MARKER.0
2011-10-26 10:51 - 2011-10-26 10:51 - 0181324 _____ () C:\Users\Sinnfamily\AppData\Local\tmpGRAVE MARKER.1
2011-10-26 10:51 - 2011-10-26 10:51 - 0181741 _____ () C:\Users\Sinnfamily\AppData\Local\tmpGRAVE MARKER.JPG
2012-12-20 23:24 - 2012-12-20 23:24 - 0057715 _____ () C:\Users\Sinnfamily\AppData\Local\tmpHAPPYTAILS.JPG
2012-09-25 23:18 - 2012-09-25 23:18 - 2490355 _____ () C:\Users\Sinnfamily\AppData\Local\tmpHARVEY.JPG
2012-09-25 23:16 - 2012-09-25 23:16 - 0021924 _____ () C:\Users\Sinnfamily\AppData\Local\tmpHARVEYJ-2.0
2012-09-25 23:16 - 2012-09-25 23:16 - 0016735 _____ () C:\Users\Sinnfamily\AppData\Local\tmpHARVEYJ-2.JPG
2013-07-22 22:56 - 2013-07-22 22:56 - 0757371 _____ () C:\Users\Sinnfamily\AppData\Local\tmpHIBBING CABIN MAP030.0
2013-07-22 22:56 - 2013-07-22 22:56 - 1097356 _____ () C:\Users\Sinnfamily\AppData\Local\tmpHIBBING CABIN MAP030.1
2013-07-22 22:56 - 2013-07-22 22:56 - 1118480 _____ () C:\Users\Sinnfamily\AppData\Local\tmpHIBBING CABIN MAP030.JPG
2011-09-20 11:04 - 2011-09-20 11:04 - 0013259 _____ () C:\Users\Sinnfamily\AppData\Local\tmpHOWLOWEEN2006.JPG
2011-06-03 12:10 - 2011-06-03 12:10 - 5016602 _____ () C:\Users\Sinnfamily\AppData\Local\tmpIMG_8563.0
2011-06-03 12:10 - 2011-06-03 12:10 - 1152240 _____ () C:\Users\Sinnfamily\AppData\Local\tmpIMG_8563.JPG
2011-06-03 12:11 - 2011-06-03 12:11 - 4223711 _____ () C:\Users\Sinnfamily\AppData\Local\tmpIMG_8589.0
2011-06-03 12:11 - 2011-06-03 12:11 - 0861439 _____ () C:\Users\Sinnfamily\AppData\Local\tmpIMG_8589.JPG
2011-06-03 12:19 - 2011-06-03 12:19 - 4716362 _____ () C:\Users\Sinnfamily\AppData\Local\tmpIMG_9086.0
2011-06-03 12:19 - 2011-06-03 12:19 - 1043970 _____ () C:\Users\Sinnfamily\AppData\Local\tmpIMG_9086.JPG
2011-01-01 19:05 - 2011-01-01 19:05 - 1166454 _____ () C:\Users\Sinnfamily\AppData\Local\tmpJESSICA,JESSE, JD5.JPG
2011-01-01 19:06 - 2011-01-01 19:06 - 0012015 _____ () C:\Users\Sinnfamily\AppData\Local\tmpJESSICA,JESSE, JD5_CROP.0
2011-01-01 19:06 - 2011-01-01 19:06 - 0012013 _____ () C:\Users\Sinnfamily\AppData\Local\tmpJESSICA,JESSE, JD5_CROP.JPG
2012-12-22 22:46 - 2012-12-22 22:46 - 1395219 _____ () C:\Users\Sinnfamily\AppData\Local\tmpJOHNBUSH2.JPG
2010-06-14 19:28 - 2010-06-14 19:28 - 3366613 _____ () C:\Users\Sinnfamily\AppData\Local\tmpLOOKING+AT+YOU[1].0
2010-06-14 19:28 - 2010-06-14 19:28 - 0697527 _____ () C:\Users\Sinnfamily\AppData\Local\tmpLOOKING+AT+YOU[1].JPG
2010-02-03 20:14 - 2011-08-23 09:25 - 0011382 _____ () C:\Users\Sinnfamily\AppData\Local\tmpME AND TEUFEL.JPG
2010-05-29 22:01 - 2010-05-29 22:01 - 2076087 _____ () C:\Users\Sinnfamily\AppData\Local\tmpOUR_GIRL_MORGAN_MAY_2010[1].0
2010-05-29 22:01 - 2010-05-29 22:01 - 0992653 _____ () C:\Users\Sinnfamily\AppData\Local\tmpOUR_GIRL_MORGAN_MAY_2010[1].1
2010-05-29 22:01 - 2010-05-29 22:01 - 0982699 _____ () C:\Users\Sinnfamily\AppData\Local\tmpOUR_GIRL_MORGAN_MAY_2010[1].2
2010-05-29 22:01 - 2010-05-29 22:01 - 1018182 _____ () C:\Users\Sinnfamily\AppData\Local\tmpOUR_GIRL_MORGAN_MAY_2010[1].JPG
2012-08-08 12:24 - 2012-08-08 12:24 - 0222265 _____ () C:\Users\Sinnfamily\AppData\Local\tmpRICKSBASSETS07162012.JPG
2010-12-07 10:25 - 2010-12-07 10:25 - 2792446 _____ () C:\Users\Sinnfamily\AppData\Local\tmpSAM_0041[1].JPG
2010-12-07 10:27 - 2010-12-07 10:27 - 2724806 _____ () C:\Users\Sinnfamily\AppData\Local\tmpSAM_0042[1].JPG
2010-12-07 10:28 - 2010-12-07 10:28 - 2779611 _____ () C:\Users\Sinnfamily\AppData\Local\tmpSAM_0043[1].JPG
2013-02-21 23:45 - 2013-02-21 23:45 - 0305120 _____ () C:\Users\Sinnfamily\AppData\Local\tmpSIS FLYER.JPG
2011-09-20 09:12 - 2011-09-20 09:12 - 0078677 _____ () C:\Users\Sinnfamily\AppData\Local\tmpSIS.JPG
2012-12-02 12:34 - 2012-12-02 12:34 - 1372344 _____ () C:\Users\Sinnfamily\AppData\Local\tmpTEUFEL 7.0
2012-12-02 12:34 - 2012-12-02 12:34 - 0690494 _____ () C:\Users\Sinnfamily\AppData\Local\tmpTEUFEL 7.JPG
2011-08-01 18:25 - 2011-08-01 18:25 - 0089772 _____ () C:\Users\Sinnfamily\AppData\Local\tmpTEUFEL AT BASSETFEST.JPG
2010-09-13 23:27 - 2010-09-13 23:27 - 0121804 _____ () C:\Users\Sinnfamily\AppData\Local\tmpTEUFEL3[1].JPG
2011-03-17 13:03 - 2011-03-17 13:03 - 0076429 _____ () C:\Users\Sinnfamily\AppData\Local\tmpTUEFFLES.0
2011-03-17 13:03 - 2011-03-17 13:03 - 0042211 _____ () C:\Users\Sinnfamily\AppData\Local\tmpTUEFFLES.1
2011-03-17 13:03 - 2011-03-17 13:03 - 0044867 _____ () C:\Users\Sinnfamily\AppData\Local\tmpTUEFFLES.JPG
2013-08-09 10:57 - 2013-08-09 10:57 - 0331186 _____ () C:\Users\Sinnfamily\AppData\Local\tmpTYKE.JPG
2012-12-22 22:50 - 2012-12-22 22:50 - 2270875 _____ () C:\Users\Sinnfamily\AppData\Local\tmpUNITED NATIONS COMMAND SUPPORT GROUP.JPG
2011-09-20 09:12 - 2011-09-20 09:12 - 0115122 _____ () C:\Users\Sinnfamily\AppData\Local\tmpWELCOME FROM STONE MOUNTAIN.JPG
2010-02-13 21:07 - 2010-02-13 21:07 - 0022618 _____ () C:\Users\Sinnfamily\AppData\Local\tmpWHITE_BUTTERFLY_SNIFFER[1].JPG
2013-08-10 19:10 - 2013-08-10 19:10 - 0000000 _____ () C:\ProgramData\3b203d3a29333421252a593f31_c
2014-10-19 18:23 - 2014-10-19 18:23 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-01-10 18:40 - 2011-01-10 18:40 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Files to move or delete:
====================
C:\Users\Sinnfamily\jobq.dat


Some files in TEMP:
====================
C:\Users\Sinnfamily\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Sinnfamily\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Sinnfamily\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Sinnfamily\AppData\Local\Temp\SDShelEx-x64.dll


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\conhost.exe
C:\Windows\SysWOW64\csrss.exe
C:\Windows\SysWOW64\dwm.exe
C:\Windows\SysWOW64\lsass.exe
C:\Windows\SysWOW64\lsm.exe
C:\Windows\SysWOW64\nvvsvc.exe
C:\Windows\SysWOW64\services.exe
C:\Windows\SysWOW64\smss.exe
C:\Windows\SysWOW64\spoolsv.exe
C:\Windows\SysWOW64\taskhost.exe
C:\Windows\SysWOW64\winlogon.exe
C:\Windows\SysWOW64\WUDFHost.exe
C:\Windows\System32\nvd3dum.dll
C:\Windows\System32\nvwgf2um.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-20 22:12

==================== End of log ============================

Second file
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2015
Ran by Sinnfamily at 2015-05-22 22:26:53
Running from C:\Users\Sinnfamily\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2643768202-156854014-2583388340-500 - Administrator - Disabled)
Guest (S-1-5-21-2643768202-156854014-2583388340-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2643768202-156854014-2583388340-1002 - Limited - Enabled)
Sinnfamily (S-1-5-21-2643768202-156854014-2583388340-1001 - Administrator - Enabled) => C:\Users\Sinnfamily

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: AVG Internet Security 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.3.0.0 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 2.3.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
AVG 2015 (Version: 15.0.5941 - AVG Technologies) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.4) (Version: 5.0.0.4 - Coupons.com Incorporated)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Family Tree Maker 2011 (HKLM-x32\...\Family Tree Maker 2011) (Version: 20.0.379 - Ancestry.com)
Family Tree Maker 2011 (x32 Version: 20.0.379 - Ancestry.com) Hidden
FamilySearch Indexing 3.10.5 (HKLM-x32\...\0591-8077-9297-0833) (Version: 3.10.5 - FamilySearch)
FamilySearch Linking 1.1.0 (HKLM-x32\...\0591-8077-9297-0833-1) (Version: 1.1.0 - FamilySearch)
FUJIFILM MyFinePix Studio 2.0 (HKLM-x32\...\FinePix Genie_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5434.08 - PC-Doctor, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Homepage Protection (HKLM-x32\...\Homepage Protection) (Version: - AOL Products)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.12286.3436 - Hewlett-Packard)
HP ENVY 4500 series Basic Device Software (HKLM\...\{38A08516-1847-43E4-8076-9540B60EC43B}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP ENVY 4500 series Help (HKLM-x32\...\{95BECC50-22B4-4FCA-8A2E-BF77713E6D3A}) (Version: 30.0.0 - Hewlett Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3420 - Hewlett-Packard)
HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3601 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{26280024-DFB7-4967-90DB-7F9C6660D01E}) (Version: 3.0.28.2 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.16432 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.9.0 - TopSeed)
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1901 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.1901 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{DD6C316A-FE75-4FBB-9D22-4C1920232B72}) (Version: 1.18.5.1 - LightScribe)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version: - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7128 - MyHeritage.com)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM-x32\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3101 - CyberLink Corp.) Hidden
PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden
Product Improvement Study for HP ENVY 4500 series (HKLM\...\{3A5F6684-5FD8-4660-A4DA-BF60A20FCCFC}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RAF (HKLM-x32\...\{E6B43401-E818-4961-AFED-118DD8E87642}) (Version: 1.00.0001 - FUJIFILM Corporation)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5882 - Realtek Semiconductor Corp.)
Skype Toolbars (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.3.7555 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Uniblue RegistryBooster (HKLM-x32\...\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1) (Version: - Uniblue Systems Ltd)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

13-05-2015 03:00:38 Windows Update
19-05-2015 18:09:50 Windows Update
20-05-2015 09:37:59 Installed AVG PC TuneUp 2015
20-05-2015 16:44:33 AVG 2015
22-05-2015 20:51:28 Removed Skype Toolbars

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00DE05F7-C4C2-4461-B40C-0CA9AEAFB3D7} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-10-20] (CyberLink Corp.)
Task: {048B52EB-3E7E-4737-81C5-ACC489A6E904} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {0D301EBB-5114-4655-8904-9DE15036F3C8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {17B83FB2-BD08-4668-BBA5-1E0D76ADCB97} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {2B1C0F13-4C81-4717-B976-9DE922CB21F4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {36D38275-813C-4788-B1AB-3779C3F2F598} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {5B105DDE-C5D1-42E9-A71A-B1D20E9FCB26} - System32\Tasks\FreeFileViewerUpdateChecker => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
Task: {6267E7E9-9D6A-41CA-A45C-EC8E2D68322B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2643768202-156854014-2583388340-1001Core => C:\Users\Sinnfamily\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {6ACE0257-90C2-433B-9293-A8913B336AFB} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2643768202-156854014-2583388340-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {6E4E334F-75C0-46E8-81FE-2243052EC701} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-07-02] (PC-Doctor, Inc.)
Task: {726F081B-293C-4B46-8725-F09B51D31EC8} - \ProgramRefresh-ATFST No Task File <==== ATTENTION
Task: {72B810CC-FF0E-4D5E-A275-971FD7D12A79} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {7B4207E6-F2CF-45C3-BE5B-742E3CAC74BD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {8D9E64D7-9597-4BFE-BFFB-66505B2C918F} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2014-12-31] ()
Task: {917BB944-4725-4B52-A174-A2ABC541FCF6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {922ECA91-B0D0-4F5E-9E67-09CAA18910A8} - System32\Tasks\{95EEF560-9095-4226-A149-6BC6A070B950} => C:\Program Files (x86)\iWin Games\iWinGames.exe
Task: {92F47BF9-5F86-45CD-8F3F-64C84078CC81} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {98B4F376-E5F1-4AB0-91B1-0ABE576B94B1} - System32\Tasks\Google Update => C:\Users\Sinnfamily\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {9C41A200-A3BC-4255-A88B-9B094C22A07A} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20] (Adobe Systems Incorporated)
Task: {9EB87832-63D6-47B0-AA08-D15DEE543D72} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2643768202-156854014-2583388340-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {A44BA7CF-38BA-4AD1-B970-82B6530D3FC7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN47T1507X => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {B3D5A209-57D7-42F6-B758-196D312C9C98} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => Rundll32.exe url.dll,OpenURL http://go.microsoft.com/fwlink/?LinkId=116866
Task: {C0096E98-F13A-47F0-8A91-66B0763601AF} - System32\Tasks\HPCeeScheduleForSinnfamily => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {C8FF2829-6472-46F5-9C86-D0D000FA13BC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {D273146D-2A8C-4339-9A6C-9BBB18BDE05C} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\iWin Games\iWinGames.exe
Task: {D5082955-084C-42C7-A1B3-92418DAF3313} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {DB23E848-922E-43C5-B7F1-B5FA7DADE589} - \ProgramUpdateCheck No Task File <==== ATTENTION
Task: {DCA7AA00-2695-42E5-8448-76A39D4A6B9E} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-12-01] (CyberLink)
Task: {E853C7A8-D1A1-4AF6-A451-747EB0D00AC1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2643768202-156854014-2583388340-1001UA => C:\Users\Sinnfamily\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {EBD141B3-63E0-4A72-8E9C-DF3AB841FB16} - System32\Tasks\{47742B60-D7A2-424D-8371-21724FCD2E7C} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: {EDBB4BBF-2315-401E-BD70-20E9ACAB5586} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10] (Oracle Corporation)
Task: {F8D7255A-057C-4D5B-B371-5DEDDE35203D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {FA4F0B45-642B-4CEA-BAD2-2808F9D8A5D9} - System32\Tasks\HP online update program => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {FD855F12-7FA9-431D-8FD0-621F646AB67E} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {FDB407C0-6848-489E-9081-B52D1DB72EC6} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2643768202-156854014-2583388340-1001Core.job => C:\Users\Sinnfamily\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2643768202-156854014-2583388340-1001UA.job => C:\Users\Sinnfamily\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\HPCeeScheduleForSinnfamily.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe5-fh scripts\monthly.xml
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe

==================== Loaded Modules (Whitelisted) ==============

2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2015-05-20 18:26 - 2015-05-20 18:26 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-20 18:26 - 2015-05-20 18:26 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-22 15:35 - 2015-05-22 15:35 - 02931200 _____ () C:\Program Files\AVAST Software\Avast\defs\15052201\algo.dll
2015-05-20 18:26 - 2015-05-20 18:26 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-04-15 09:00 - 2015-04-15 09:00 - 16863920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:4A74A9A7
AlternateDataStreams: C:\ProgramData\Temp:6611AB82
AlternateDataStreams: C:\ProgramData\Temp:972E051C

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\skillsoft.com -> hxxp://support.skillsoft.com
IE trusted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\usaa.com -> hxxps://www.usaa.com

IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2643768202-156854014-2583388340-1001\...\123simsen.com -> www.123simsen.com

There are 7369 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2643768202-156854014-2583388340-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sinnfamily\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 173.225.144.10 - 173.225.144.70

==================== MSCONFIG/TASK MANAGER Error getting ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PictureMover.lnk => C:\Windows\pss\PictureMover.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Sinnfamily^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP ENVY 4500 series.lnk => C:\Windows\pss\Monitor Ink Alerts - HP ENVY 4500 series.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Sinnfamily^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ChristmasHolidayLaughs Search Scope Monitor => "C:\PROGRA~2\CHRIST~2\bar\1.bin\4msrchmn.exe" /m=2 /w /h
MSCONFIG\startupreg: Family Tree Builder Update => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Sinnfamily\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Remote Solution => %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
MSCONFIG\startupreg: HPADVISOR => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: IntelliPoint => "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: UpdatePRCShortCut => "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{862AFB70-51E0-4527-A271-8089B56E8C4F}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{C18F71C2-F36F-4625-AB27-90EEB8D1E479}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{385AA1C8-3FA9-4B3B-BD9E-7367B718C947}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{AF8F13B3-F77D-4B1A-A975-B0E42F3F829E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{92E9E16B-95EC-46F4-B8B4-D8B4C5855C30}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{FC56BC42-4EC5-45EA-AC62-97E5A14B0D6F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{05E9270A-E3F2-4A90-9AF9-0531E88870E4}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{AC5E908D-A55B-4F73-B15C-CFB0F6EBD26D}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{FA0AE581-0A66-43A8-8CB7-EE5700994EE7}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{2CC2996A-B44E-4A2D-AE0C-D3C753CC0F22}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{ED0C4EDA-F45E-4296-93BB-4D28D09994E2}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{2E4E8EDE-C9CE-4343-8260-A16DE0E95A03}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{764617C5-1D03-4EEB-BB6D-7672F4F38A7B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{994A22F0-68B9-4379-B5E1-15A52E7F438D}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{6B53A456-3420-4983-B732-CAD108778133}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{43230E3A-F961-4F8F-8602-AB42EFBEDA78}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
FirewallRules: [TCP Query User{2AEFA044-16C5-4238-B681-8418467C5584}C:\program files (x86)\hp\common\hpdevicedetection3.exe] => (Allow) C:\program files (x86)\hp\common\hpdevicedetection3.exe
FirewallRules: [UDP Query User{091005CC-A496-4F92-9DA6-417FD38247FB}C:\program files (x86)\hp\common\hpdevicedetection3.exe] => (Allow) C:\program files (x86)\hp\common\hpdevicedetection3.exe
FirewallRules: [{8B135CC0-C6E0-4069-B143-AD1F8F02841E}] => (Allow) C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe
FirewallRules: [{A4B859C2-5460-4CB6-928D-57A5938BE20C}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe
FirewallRules: [{1DF73D99-F679-4C80-93F8-B2A2ED120C2E}] => (Allow) LPort=5357
FirewallRules: [{C6EFD0B0-9F11-4CDB-8D30-004DB350980F}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{127708EF-BEB7-418B-B25C-B54170BF40A1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C9FF2BD2-15F0-499F-9022-0D9509EBF9D3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{D3397118-8472-4381-AC23-FF7ED3BD3CF1}] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{82CEA311-9153-4A12-ADE0-5A2ED5A52AA3}] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{21183FC2-B84E-4444-8F8D-D71894E4F72E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8C049D7F-3109-4691-935E-FDD25D6565CA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{21BFE7F7-E7BC-4CB6-89E4-12D8FBB42846}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{55C6E141-EDA0-408D-8D7C-8C9686C535DB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{D023B66A-0EC2-406D-8FB7-32166B367688}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{B38C3E4D-7DA4-45F6-AA03-5F270DF6F79E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{C37D1B0D-989A-4AB2-9D1D-B0F80D5A75B1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{D8FF93A6-3DE4-40BC-947B-44A6A7A1CEE0}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{31143E86-0CAB-45BF-8A62-B10592C8D831}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{FA2DB4C0-236C-410E-8DB5-B7A4F3C1F6FA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{7133564D-8800-4463-9B55-7C6DF7E54531}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe

==================== Faulty Device Manager Devices =============

Name: qknfd
Description: qknfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: qknfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/22/2015 10:26:54 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/22/2015 10:25:54 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/22/2015 10:24:54 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/22/2015 10:23:54 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/22/2015 10:22:54 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/22/2015 10:21:54 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/22/2015 10:20:54 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/22/2015 10:19:54 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/22/2015 10:18:54 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/22/2015 10:17:54 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered


System errors:
=============
Error: (05/22/2015 08:22:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (05/22/2015 04:09:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
qknfd

Error: (05/22/2015 04:09:20 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753637.

Error: (05/22/2015 03:55:44 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
qknfd

Error: (05/22/2015 03:55:42 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753637.

Error: (05/22/2015 04:36:15 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
qknfd

Error: (05/22/2015 04:36:14 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753637.

Error: (05/21/2015 04:38:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (05/21/2015 07:49:17 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (05/20/2015 07:38:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
qknfd


Microsoft Office:
=========================
Error: (05/22/2015 10:26:54 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/22/2015 10:25:54 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/22/2015 10:24:54 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/22/2015 10:23:54 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/22/2015 10:22:54 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/22/2015 10:21:54 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/22/2015 10:20:54 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/22/2015 10:19:54 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/22/2015 10:18:54 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered

Error: (05/22/2015 10:17:54 PM) (Source: SDWinSec.exe) (EventID: 0) (User: )
Description: Class not registered


==================== Memory info ===========================

Processor: AMD Athlon(tm) II X4 620 Processor
Percentage of memory in use: 24%
Total physical RAM: 7935.23 MB
Available physical RAM: 5991.66 MB
Total Pagefile: 15868.68 MB
Available Pagefile: 13242.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:584.07 GB) (Free:513.34 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:12 GB) (Free:2.18 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=584.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=12 GB) - (Type=07 NTFS)

==================== End of log ============================

 

[argus]

Your Windows needs to reformat, look

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\conhost.exe
C:\Windows\SysWOW64\csrss.exe
C:\Windows\SysWOW64\dwm.exe
C:\Windows\SysWOW64\lsass.exe
C:\Windows\SysWOW64\lsm.exe
C:\Windows\SysWOW64\nvvsvc.exe
C:\Windows\SysWOW64\services.exe
C:\Windows\SysWOW64\smss.exe
C:\Windows\SysWOW64\spoolsv.exe
C:\Windows\SysWOW64\taskhost.exe
C:\Windows\SysWOW64\winlogon.exe
C:\Windows\SysWOW64\WUDFHost.exe
C:\Windows\System32\nvd3dum.dll
C:\Windows\System32\nvwgf2um.dll

Legitimate files missing, I'm sorry.

 

[LovesHounds]

Thank you for your help. I better get busy backing up some of my files that are for the rescue I work with.

 

[argus]

If I were your neighbors ... but ...

I better get busy backing up some of my files that are for the rescue I work with.

If are in D: partition, no problem.

 

[LovesHounds]

What does "If are in D: partition, no problem." mean? You lost me.

 

[argus]

What does "If are in D: partition, no problem." mean? You lost me

No, on D are safe. Formatting is only C: ( desktop and my documents).

 

[argus]

You do not have the D partition

Drive d: (FACTORY_IMAGE) (Fixed) (Total:12 GB) (Free:2.18 GB) NTFS ==>[System with boot components (obtained from reading drive)

You have Recovery partition, there is Windows.

How to make a partition, tutorial.
http://www.partitionwizard.com/free-partition-manager.html

 

[argus]

which is exact name of your laptop?

 

[LovesHounds]

I don't have a laptop. This is a desktop

 

[argus]

Okay, you have Recovery partition.
Servicer could restore Windows for 15 min.

Maybe is the second button.