Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Hi I am new to this.
Message
<blockquote data-quote="LovesHounds" data-source="post: 388384" data-attributes="member: 36572"><p>Hi I deleted the files. Nothing happened when I hit the windows key+R. But I was able to manually remove them from the uninstall programs area on my computer. I manually rebooted and ran the Scan. I can not get the file to upload.</p><p></p><p>Scan result of Farbar Recovery Scan</p><p></p><p>Tool (FRST) (x64) Version: 21-05-</p><p></p><p>2015</p><p>Ran by Sinnfamily (administrator) on</p><p></p><p>SINNFAMILY-PC on 22-05-2015</p><p></p><p>16:12:31</p><p>Running from C:\Users\Sinnfamily</p><p></p><p>\Downloads</p><p>Loaded Profiles: Sinnfamily (Available</p><p></p><p>profiles: Sinnfamily)</p><p>Platform: Windows 7 Home Premium</p><p></p><p>Service Pack 1 (X64) OS Language:</p><p></p><p>English (United States)</p><p>Internet Explorer Version 11 (Default</p><p></p><p>browser: IE)</p><p>Boot Mode: Normal</p><p>Tutorial for Farbar Recovery Scan</p><p></p><p>Tool:</p><p></p><p><a href="http://www.geekstogo.com/forum/top" target="_blank">http://www.geekstogo.com/forum/top</a></p><p></p><p>ic/335081-frst-tutorial-how-to-use-</p><p></p><p>farbar-recovery-scan-tool/</p><p></p><p>====================</p><p></p><p>Processes (Whitelisted)</p><p></p><p>=================</p><p></p><p>(If an entry is included in the fixlist,</p><p></p><p>the process will be closed. The file will</p><p></p><p>not be moved.)</p><p></p><p>(NVIDIA Corporation) C:\Windows</p><p></p><p>\System32\nvvsvc.exe</p><p>(Avast Software s.r.o.) C:\Program</p><p></p><p>Files\AVAST Software\Avast</p><p></p><p>\AvastSvc.exe</p><p>(NVIDIA Corporation) C:\Windows</p><p></p><p>\System32\nvvsvc.exe</p><p>(LSI Corporation) C:\Program Files</p><p></p><p>\LSI SoftModem\agr64svc.exe</p><p>(Hewlett-Packard Company) C:</p><p></p><p>\Program Files (x86)\Common Files</p><p></p><p>\LightScribe\LSSrvc.exe</p><p>(Malwarebytes Corporation) C:</p><p></p><p>\Program Files (x86)\Malwarebytes</p><p></p><p>Anti-Malware\mbamscheduler.exe</p><p>(Malwarebytes Corporation) C:</p><p></p><p>\Program Files (x86)\Malwarebytes</p><p></p><p>Anti-Malware\mbamservice.exe</p><p>() C:\Program Files</p><p></p><p>(x86)\RealNetworks\RealDownloader</p><p></p><p>\rndlresolversvc.exe</p><p>(Yahoo! Inc.) C:\Program Files</p><p></p><p>(x86)\Yahoo!\SoftwareUpdate</p><p></p><p>\YahooAUService.exe</p><p>(Safer Networking Ltd.) C:\Program</p><p></p><p>Files (x86)\Spybot - Search & Destroy</p><p></p><p>\SDWinSec.exe</p><p>(Malwarebytes Corporation) C:</p><p></p><p>\Program Files (x86)\Malwarebytes</p><p></p><p>Anti-Malware\mbam.exe</p><p>(Avast Software s.r.o.) C:\Program</p><p></p><p>Files\AVAST Software\Avast</p><p></p><p>\avastui.exe</p><p>(Hewlett-Packard Company) C:</p><p></p><p>\Program Files (x86)\Hewlett-Packard</p><p></p><p>\HP Support Framework</p><p></p><p>\HPSA_Service.exe</p><p></p><p></p><p>====================</p><p></p><p>Registry (Whitelisted)</p><p></p><p>==================</p><p></p><p>(If an entry is included in the fixlist,</p><p></p><p>the registry item will be restored to</p><p></p><p>default or removed. The file will not</p><p></p><p>be moved.)</p><p></p><p>HKLM-x32\...\Run: [AVG_UI] => C:</p><p></p><p>\Program Files (x86)\AVG</p><p></p><p>\AVG2015\avgui.exe [3745232 2015-</p><p></p><p>04-15] (AVG Technologies CZ, s.r.o.)</p><p>HKLM-x32\...\Run: [] => [X]</p><p>HKLM-x32\...\Run: [AvastUI.exe] =></p><p></p><p>C:\Program Files\AVAST Software</p><p></p><p>\Avast\AvastUI.exe [5515496 2015-</p><p></p><p>05-20] (Avast Software s.r.o.)</p><p>HKU\S-1-5-21-2643768202-</p><p></p><p>156854014-2583388340-1001\...</p><p></p><p>\Policies\system: [LogonHoursAction]</p><p></p><p>2</p><p>HKU\S-1-5-21-2643768202-</p><p></p><p>156854014-2583388340-1001\...</p><p></p><p>\Policies\system:</p><p></p><p>[DontDisplayLogonHoursWarnings] 1</p><p>ShellIconOverlayIdentifiers: [00avast]</p><p></p><p>-> {472083B0-C522-11CF-8763-</p><p></p><p>00608CC02F24} => C:\Program Files</p><p></p><p>\AVAST Software\Avast\ashShA64.dll</p><p></p><p>[2015-05-20] (Avast Software s.r.o.)</p><p>ShellIconOverlayIdentifiers-x32:</p><p></p><p>[SharingPrivate] -> {08244EE6-92F0</p><p></p><p>-47f2-9FC9-929BAA2E7235} => No</p><p></p><p>File</p><p></p><p>====================</p><p></p><p>Internet (Whitelisted)</p><p></p><p>====================</p><p></p><p>(If an item is included in the fixlist, if</p><p></p><p>it is a registry item it will be removed</p><p></p><p>or restored to default.)</p><p></p><p>SearchScopes: HKLM -> {0633EE93-</p><p></p><p>D776-472f-A0FF-E1416B8B2E3A} URL</p><p></p><p>=</p><p>SearchScopes: HKLM -> {1235B3BB-</p><p></p><p>2B63-4F90-BA16-37F536739926} URL</p><p></p><p>= <a href="http://www.bing.com/search?q=" target="_blank">http://www.bing.com/search?q=</a></p><p></p><p>{searchTerms}</p><p></p><p>&FORM=HPDTDF&pc=HPDTDF&src=I</p><p></p><p>E-SearchBox</p><p>SearchScopes: HKLM -> {BFE680F5-</p><p></p><p>69D4-4A76-A974-C15503F8F00B} URL</p><p></p><p>= <a href="http://www.ask.com/web?q=" target="_blank">http://www.ask.com/web?q=</a></p><p></p><p>{searchterms}&l=dis&o=ushpd</p><p>SearchScopes: HKLM-x32 -></p><p></p><p>{0633EE93-D776-472f-A0FF-</p><p></p><p>E1416B8B2E3A} URL =</p><p>SearchScopes: HKLM-x32 -></p><p></p><p>{1235B3BB-2B63-4F90-BA16-</p><p></p><p>37F536739926} URL =</p><p></p><p><a href="http://www.bing.com/search?q=" target="_blank">http://www.bing.com/search?q=</a></p><p></p><p>{searchTerms}</p><p></p><p>&FORM=HPDTDF&pc=HPDTDF&src=I</p><p></p><p>E-SearchBox</p><p>SearchScopes: HKLM-x32 -></p><p></p><p>{BFE680F5-69D4-4A76-A974-</p><p></p><p>C15503F8F00B} URL =</p><p></p><p><a href="http://www.ask.com/web?q=" target="_blank">http://www.ask.com/web?q=</a></p><p></p><p>{searchterms}&l=dis&o=ushpd</p><p>BHO: AVG Safe Search -> {3CA2F312</p><p></p><p>-6F6E-4B53-A66E-4E65E497C8C0} -> </p><p></p><p>No File</p><p>BHO: avast! Online Security -></p><p></p><p>{8E5E2654-AD2D-48bf-AC2D-</p><p></p><p>D17F00898D06} -> C:\Program Files</p><p></p><p>\AVAST Software\Avast</p><p></p><p>\aswWebRepIE64.dll [2015-05-20]</p><p></p><p>(Avast Software s.r.o.)</p><p>BHO: HP Network Check Helper -></p><p></p><p>{E76FD755-C1BA-4DCB-9F13-</p><p></p><p>99BD91223ADE} -> C:\Program Files</p><p></p><p>(x86)\Hewlett-Packard\HP Support</p><p></p><p>Framework\Resources</p><p></p><p>\HPNetworkCheck</p><p></p><p>\HPNetworkCheckPluginx64.dll [2013</p><p></p><p>-08-28] (Hewlett-Packard)</p><p>BHO-x32: RealPlayer Download and</p><p></p><p>Record Plugin for Internet Explorer -></p><p></p><p>{3049C3E9-B461-4BC5-8870-</p><p></p><p>4C09146192CA} -> C:\ProgramData</p><p></p><p>\RealNetworks\RealDownloader</p><p></p><p>\BrowserPlugins\IE</p><p></p><p>\rndlbrowserrecordplugin.dll [2013-</p><p></p><p>08-14] (RealDownloader)</p><p>BHO-x32: AVG Safe Search -></p><p></p><p>{3CA2F312-6F6E-4B53-A66E-</p><p></p><p>4E65E497C8C0} -> No File</p><p>BHO-x32: Spybot-S&D IE Protection</p><p></p><p>-> {53707962-6F74-2D53-2644-</p><p></p><p>206D7942484F} -> C:\Program Files</p><p></p><p>(x86)\Spybot - Search & Destroy</p><p></p><p>\SDHelper.dll [2009-01-26] (Safer</p><p></p><p>Networking Limited)</p><p>BHO-x32: Java(tm) Plug-In SSV</p><p></p><p>Helper -> {761497BB-D6F0-462C-</p><p></p><p>B6EB-D4DAF1D92D43} -> C:\Program</p><p></p><p>Files (x86)\Java\jre1.8.0_45\bin</p><p></p><p>\ssv.dll [2015-04-27] (Oracle</p><p></p><p>Corporation)</p><p>BHO-x32: avast! Online Security -></p><p></p><p>{8E5E2654-AD2D-48bf-AC2D-</p><p></p><p>D17F00898D06} -> C:\Program Files</p><p></p><p>\AVAST Software\Avast</p><p></p><p>\aswWebRepIE.dll [2015-05-20]</p><p></p><p>(Avast Software s.r.o.)</p><p>BHO-x32: hpBHO Class -></p><p></p><p>{ABD3B5E1-B268-407B-A150-</p><p></p><p>2641DAB8D898} -> C:\Program Files</p><p></p><p>(x86)\Common Files\Homepage</p><p></p><p>Protection\HomepageProtection.dll</p><p></p><p>[2009-06-08] (AOL Products)</p><p>BHO-x32: Skype Browser Helper -></p><p></p><p>{AE805869-2E5C-4ED4-8F7B-</p><p></p><p>F1F7851A4497} -> C:\Program Files</p><p></p><p>(x86)\Skype\Toolbars\Internet</p><p></p><p>Explorer\skypeieplugin.dll [2011-05-</p><p></p><p>16] (Skype Technologies S.A.)</p><p>BHO-x32: Java(tm) Plug-In 2 SSV</p><p></p><p>Helper -> {DBC80044-A445-435b-</p><p></p><p>BC74-9C25C1C588A9} -> C:\Program</p><p></p><p>Files (x86)\Java\jre1.8.0_45\bin</p><p></p><p>\jp2ssv.dll [2015-04-27] (Oracle</p><p></p><p>Corporation)</p><p>BHO-x32: HP Network Check Helper</p><p></p><p>-> {E76FD755-C1BA-4DCB-9F13-</p><p></p><p>99BD91223ADE} -> C:\Program Files</p><p></p><p>(x86)\Hewlett-Packard\HP Support</p><p></p><p>Framework\Resources</p><p></p><p>\HPNetworkCheck</p><p></p><p>\HPNetworkCheckPlugin.dll [2013-08</p><p></p><p>-28] (Hewlett-Packard)</p><p>Toolbar: HKLM-x32 - No Name -</p><p></p><p>{1E61ED7C-7CB8-49d6-B9E9-</p><p></p><p>AB4C880C8414} - No File</p><p>Toolbar: HKLM-x32 - No Name -</p><p></p><p>{CCC7A320-B3CA-4199-B1A6-</p><p></p><p>9F516DD69829} - No File</p><p>Toolbar: HKU\S-1-5-21-2643768202-</p><p></p><p>156854014-2583388340-1001 -> No</p><p></p><p>Name - {CCC7A320-B3CA-4199-B1A6</p><p></p><p>-9F516DD69829} - No File</p><p>Toolbar: HKU\S-1-5-21-2643768202-</p><p></p><p>156854014-2583388340-1001 -> No</p><p></p><p>Name - {E7DF6BFF-55A5-4EB7-A673</p><p></p><p>-4ED3E9456D39} - No File</p><p>Toolbar: HKU\S-1-5-21-2643768202-</p><p></p><p>156854014-2583388340-1001 -> No</p><p></p><p>Name - {2318C2B1-4965-11D4-9B18-</p><p></p><p>009027A5CD4F} - No File</p><p>DPF: HKLM-x32 {02BCC737-B171-</p><p></p><p>4746-94C9-0D8A0B2C0089}</p><p></p><p><a href="http://office.microsoft.com/_layouts/C" target="_blank">http://office.microsoft.com/_layouts/C</a></p><p></p><p>lientBin/ieawsdc32.cab</p><p>DPF: HKLM-x32 {02BF25D5-8C17-</p><p></p><p>4B23-BC80-D3488ABDDC6B}</p><p></p><p><a href="http://appldnld.apple.com.edgesuite" target="_blank">http://appldnld.apple.com.edgesuite</a>.</p><p></p><p>net/content.info.apple.com/QuickTime</p><p></p><p>/qtactivex/qtplugin.cab</p><p>DPF: HKLM-x32 {166B1BCA-3F9C-</p><p></p><p>11CF-8075-444553540000}</p><p></p><p><a href="http://download.macromedia.com/pu" target="_blank">http://download.macromedia.com/pu</a></p><p></p><p>b/shockwave/cabs/director/sw.cab</p><p>DPF: HKLM-x32 {3107C2A8-9F0B-</p><p></p><p>4404-A58B-21BD85268FBC}</p><p></p><p><a href="http://www.pogo.com/cdl/launcher/Po" target="_blank">http://www.pogo.com/cdl/launcher/Po</a></p><p></p><p>goWebLauncherInstaller.CAB</p><p>DPF: HKLM-x32 {3D3B42C2-11BF-</p><p></p><p>4732-A304-A01384B70D68}</p><p></p><p><a href="http://picasaweb.google.com/s/v/61.1" target="_blank">http://picasaweb.google.com/s/v/61.1</a></p><p></p><p>8/uploader2.cab</p><p>DPF: HKLM-x32 {49E67060-2C0D-</p><p></p><p>415E-94C7-52A49F73B2F1}</p><p></p><p><a href="http://zone.msn.com/bingame/pppp/d" target="_blank">http://zone.msn.com/bingame/pppp/d</a></p><p></p><p>efault/PiratePoppers.1.0.0.39.cab</p><p>DPF: HKLM-x32 {6218F7B5-0D3A-</p><p></p><p>48BA-AE4C-49DCFA63D400}</p><p></p><p><a href="http://www.myheritage.com/Genoogl" target="_blank">http://www.myheritage.com/Genoogl</a></p><p></p><p>e/Components/ActiveX/SearchEngine</p><p></p><p>Query.dll</p><p>DPF: HKLM-x32 {73ECB3AA-4717-</p><p></p><p>450C-A2AB-D00DAD9EE203}</p><p></p><p><a href="http://h20614.www2.hp.com/ediags/g" target="_blank">http://h20614.www2.hp.com/ediags/g</a></p><p></p><p>md/Install/Cab/hpdetect119b.cab</p><p>DPF: HKLM-x32 {7E980B9B-8AE5-</p><p></p><p>466A-B6D6-DA8CF814E78A}</p><p></p><p><a href="http://zone.msn.com/bingame/chnz/d" target="_blank">http://zone.msn.com/bingame/chnz/d</a></p><p></p><p>efault/mjolauncher.cab</p><p>DPF: HKLM-x32 {8100D56A-5661-</p><p></p><p>482C-BEE8-AFECE305D968}</p><p></p><p><a href="http://upload.facebook.com/controls/" target="_blank">http://upload.facebook.com/controls/</a></p><p></p><p>2009.07.28_v5.5.8.1/FacebookPhotoU</p><p></p><p>ploader55.cab</p><p>DPF: HKLM-x32 {9AA73F41-EC64-</p><p></p><p>489E-9A73-9CD52E528BC4}</p><p></p><p><a href="http://zone.msn.com/binGame/ZAxRc" target="_blank">http://zone.msn.com/binGame/ZAxRc</a></p><p></p><p>Mgr.cab</p><p>DPF: HKLM-x32 {DF780F87-FF2B-</p><p></p><p>4DF8-92D0-73DB16A1543A}</p><p></p><p><a href="http://zone.msn.com/BINGAME/POPC" target="_blank">http://zone.msn.com/BINGAME/POPC</a></p><p></p><p>APLOADER_V10.CAB</p><p>DPF: HKLM-x32 {E06E2E99-0AA1-</p><p></p><p>11D4-ABA6-0060082AA75C}</p><p></p><p><a href="https://petsmartcharities.webex.com/" target="_blank">https://petsmartcharities.webex.com/</a></p><p></p><p>client/T27LD/webex/ieatgpc1.cab</p><p>DPF: HKLM-x32 {E2883E8F-472F-</p><p></p><p>4FB0-9522-AC9BF37916A7}</p><p></p><p><a href="http://platformdl.adobe.com/NOS/get" target="_blank">http://platformdl.adobe.com/NOS/get</a></p><p></p><p>PlusPlus/1.6/gp.cab</p><p>Handler: linkscanner - {F274614C-</p><p></p><p>63F8-47D5-A4D1-FBDDE494F8D1} - </p><p></p><p>No File</p><p>Handler: ms-itss - {0A9007C0-4076-</p><p></p><p>11D3-8789-0000F8105754} - No File</p><p>Handler-x32: skype-ie-addon-data -</p><p></p><p>{91774881-D725-4E58-B298-</p><p></p><p>07617B9B86A8} - C:\Program Files</p><p></p><p>(x86)\Skype\Toolbars\Internet</p><p></p><p>Explorer\skypeieplugin.dll [2011-05-</p><p></p><p>16] (Skype Technologies S.A.)</p><p>Tcpip\Parameters: [DhcpNameServer]</p><p></p><p>173.225.144.10 173.225.144.70</p><p></p><p>FireFox:</p><p>========</p><p>FF ProfilePath: C:\Users\Sinnfamily</p><p></p><p>\AppData\Roaming\Mozilla\Firefox</p><p></p><p>\Profiles\4iuichbd.default</p><p>FF DefaultSearchEngine: Google</p><p>FF DefaultSearchEngine.US: Google</p><p>FF Homepage:</p><p></p><p><a href="https://www.facebook.com/?ref=logo" target="_blank">https://www.facebook.com/?ref=logo</a></p><p>FF Plugin: @adobe.com/FlashPlayer</p><p></p><p>-> C:\Windows\system32\Macromed</p><p></p><p>\Flash\NPSWF64_17_0_0_169.dll</p><p></p><p>[2015-04-15] ()</p><p>FF Plugin: @microsoft.com/GENUINE</p><p></p><p>-> disabled No File</p><p>FF Plugin:</p><p></p><p>@Microsoft.com/NpCtrl,version=1.0</p><p></p><p>-> c:\Program Files\Microsoft</p><p></p><p>Silverlight\5.1.40416.0\npctrl.dll</p><p></p><p>[2015-04-16] ( Microsoft Corporation)</p><p>FF Plugin-x32:</p><p></p><p>@adobe.com/FlashPlayer -> C:</p><p></p><p>\Windows\SysWOW64\Macromed</p><p></p><p>\Flash\NPSWF32_17_0_0_169.dll</p><p></p><p>[2015-04-15] ()</p><p>FF Plugin-x32:</p><p></p><p>@adobe.com/ShockwavePlayer -> C:</p><p></p><p>\Windows\SysWOW64\Adobe</p><p></p><p>\Director\np32dsw_1202122.dll [2013</p><p></p><p>-04-03] (Adobe Systems, Inc.)</p><p>FF Plugin-x32:</p><p></p><p>@java.com/DTPlugin,version=11.45.2</p><p></p><p>-> C:\Program Files (x86)\Java</p><p></p><p>\jre1.8.0_45\bin\dtplugin</p><p></p><p>\npDeployJava1.dll [2015-04-27]</p><p></p><p>(Oracle Corporation)</p><p>FF Plugin-x32:</p><p></p><p>@java.com/JavaPlugin,version=11.45.</p><p></p><p>2 -> C:\Program Files (x86)\Java</p><p></p><p>\jre1.8.0_45\bin\plugin2\npjp2.dll</p><p></p><p>[2015-04-27] (Oracle Corporation)</p><p>FF Plugin-x32:</p><p></p><p>@microsoft.com/GENUINE -> disabled</p><p></p><p>No File</p><p>FF Plugin-x32:</p><p></p><p>@Microsoft.com/NpCtrl,version=1.0</p><p></p><p>-> c:\Program Files (x86)\Microsoft</p><p></p><p>Silverlight\5.1.40416.0\npctrl.dll</p><p></p><p>[2015-04-15] ( Microsoft Corporation)</p><p>FF Plugin-x32:</p><p></p><p>@real.com/nprndlchromebrowserrecor</p><p></p><p>dext;version=1.3.3 -> C:</p><p></p><p>\ProgramData\RealNetworks</p><p></p><p>\RealDownloader\BrowserPlugins</p><p></p><p>\MozillaPlugins</p><p></p><p>\nprndlchromebrowserrecordext.dll</p><p></p><p>[2013-08-14] (RealNetworks, Inc.)</p><p>FF Plugin-x32:</p><p></p><p>@real.com/nprndlhtml5videoshim;ver</p><p></p><p>sion=1.3.3 -> C:\ProgramData</p><p></p><p>\RealNetworks\RealDownloader</p><p></p><p>\BrowserPlugins\MozillaPlugins</p><p></p><p>\nprndlhtml5videoshim.dll [2013-08-</p><p></p><p>14] (RealNetworks, Inc.)</p><p>FF Plugin-x32:</p><p></p><p>@real.com/nprndlpepperflashvideoshi</p><p></p><p>m;version=1.3.3 -> C:\ProgramData</p><p></p><p>\RealNetworks\RealDownloader</p><p></p><p>\BrowserPlugins\MozillaPlugins</p><p></p><p>\nprndlpepperflashvideoshim.dll</p><p></p><p>[2013-08-14] (RealNetworks, Inc.)</p><p>FF Plugin-x32:</p><p></p><p>@realnetworks.com/npdlplugin;versio</p><p></p><p>n=1 -> C:\ProgramData</p><p></p><p>\RealNetworks\RealDownloader</p><p></p><p>\BrowserPlugins\npdlplugin.dll [2013</p><p></p><p>-08-14] (RealDownloader)</p><p>FF Plugin-x32:</p><p></p><p>@rocketlife.com/RocketLife Secure</p><p></p><p>Plug-In Layer;version=1.0.5 -> C:</p><p></p><p>\ProgramData\Visan\plugins</p><p></p><p>\npRLSecurePluginLayer.dll [2014-11</p><p></p><p>-05] (RocketLife, LLP)</p><p>FF Plugin-x32:</p><p></p><p>@tools.google.com/Google</p><p></p><p>Update;version=3 -> C:\Program</p><p></p><p>Files (x86)\Google\Update</p><p></p><p>\1.3.27.5\npGoogleUpdate3.dll [2015</p><p></p><p>-05-15] (Google Inc.)</p><p>FF Plugin-x32:</p><p></p><p>@tools.google.com/Google</p><p></p><p>Update;version=9 -> C:\Program</p><p></p><p>Files (x86)\Google\Update</p><p></p><p>\1.3.27.5\npGoogleUpdate3.dll [2015</p><p></p><p>-05-15] (Google Inc.)</p><p>FF Plugin-x32: Adobe Reader -> C:</p><p></p><p>\Program Files (x86)\Adobe\Reader</p><p></p><p>11.0\Reader\AIR\nppdf32.dll [2014-</p><p></p><p>12-03] (Adobe Systems Inc.)</p><p>FF Plugin HKU\S-1-5-21-2643768202</p><p></p><p>-156854014-2583388340-1001:</p><p></p><p>@lightspark.github.com/Lightspark;ve</p><p></p><p>rsion=1 -> C:\Program Files</p><p></p><p>(x86)\Lightspark 0.5.3-git</p><p></p><p>\nplightsparkplugin.dll No File</p><p>FF Plugin HKU\S-1-5-21-2643768202</p><p></p><p>-156854014-2583388340-1001:</p><p></p><p>@talk.google.com/GoogleTalkPlugin</p><p></p><p>-> C:\Users\Sinnfamily\AppData</p><p></p><p>\Roaming\Mozilla\plugins</p><p></p><p>\npgoogletalk.dll [2015-04-17]</p><p></p><p>(Google)</p><p>FF Plugin HKU\S-1-5-21-2643768202</p><p></p><p>-156854014-2583388340-1001:</p><p></p><p>@talk.google.com/O1DPlugin -> C:</p><p></p><p>\Users\Sinnfamily\AppData\Roaming</p><p></p><p>\Mozilla\plugins\npo1d.dll [2015-04-</p><p></p><p>17] (Google)</p><p>FF Plugin HKU\S-1-5-21-2643768202</p><p></p><p>-156854014-2583388340-1001:</p><p></p><p>@tools.google.com/Google</p><p></p><p>Update;version=3 -> C:\Users</p><p></p><p>\Sinnfamily\AppData\Local\Google</p><p></p><p>\Update</p><p></p><p>\1.3.27.5\npGoogleUpdate3.dll [2015</p><p></p><p>-05-17] (Google Inc.)</p><p>FF Plugin HKU\S-1-5-21-2643768202</p><p></p><p>-156854014-2583388340-1001:</p><p></p><p>@tools.google.com/Google</p><p></p><p>Update;version=9 -> C:\Users</p><p></p><p>\Sinnfamily\AppData\Local\Google</p><p></p><p>\Update</p><p></p><p>\1.3.27.5\npGoogleUpdate3.dll [2015</p><p></p><p>-05-17] (Google Inc.)</p><p>FF user.js: detected! => C:\Users</p><p></p><p>\Sinnfamily\AppData\Roaming</p><p></p><p>\Mozilla\Firefox\Profiles</p><p></p><p>\4iuichbd.default\user.js [2013-08-22]</p><p>FF Plugin ProgramFiles/Appdata: C:</p><p></p><p>\Program Files (x86)\mozilla firefox</p><p></p><p>\browser\plugins</p><p></p><p>\npMozCouponPrinter.dll [2013-08-02]</p><p></p><p>(Coupons, Inc.)</p><p>FF Plugin ProgramFiles/Appdata: C:</p><p></p><p>\Users\Sinnfamily\AppData\Roaming</p><p></p><p>\mozilla\plugins\npgoogletalk.dll</p><p></p><p>[2015-04-17] (Google)</p><p>FF Plugin ProgramFiles/Appdata: C:</p><p></p><p>\Users\Sinnfamily\AppData\Roaming</p><p></p><p>\mozilla\plugins\npo1d.dll [2015-04-</p><p></p><p>17] (Google)</p><p>FF HKLM-x32\...\Firefox\Extensions:</p><p></p><p>[{7BA52691-1876-45ce-9EE6-</p><p></p><p>54BCB3B04BBC}] - C:\ProgramData</p><p></p><p>\Norton\{0C55C096-0F1D-4F28-AAA2</p><p></p><p>-85EF591126E7}\Norton\coFFPlgn</p><p>FF HKLM-x32\...\Firefox\Extensions:</p><p></p><p>[{DF153AFF-6948-45d7-AC98-</p><p></p><p>4FC4AF8A08E2}] - C:\ProgramData</p><p></p><p>\RealNetworks\RealDownloader</p><p></p><p>\BrowserPlugins\Firefox\Ext</p><p>FF Extension: RealDownloader - C:</p><p></p><p>\ProgramData\RealNetworks</p><p></p><p>\RealDownloader\BrowserPlugins</p><p></p><p>\Firefox\Ext [2013-08-22]</p><p>FF HKLM-x32\...\Firefox\Extensions:</p><p></p><p>[{ABDE892B-13A8-4d1b-88E6-</p><p></p><p>365A6E755758}] - C:\ProgramData</p><p></p><p>\RealNetworks\RealDownloader</p><p></p><p>\BrowserPlugins\Firefox\Ext</p><p>FF HKLM-x32\...\Firefox\Extensions:</p><p></p><p>[<a href="mailto:wrc@avast.com">wrc@avast.com</a>] - C:\Program Files</p><p></p><p>\AVAST Software\Avast\WebRep\FF</p><p>FF Extension: Avast Online Security -</p><p></p><p>C:\Program Files\AVAST Software</p><p></p><p>\Avast\WebRep\FF [2015-05-20]</p><p></p><p>Chrome:</p><p>=======</p><p>CHR Profile: C:\Users\Sinnfamily</p><p></p><p>\AppData\Local\Google\Chrome\User</p><p></p><p>Data\Default</p><p>CHR Extension: (YouTube) - C:\Users</p><p></p><p>\Sinnfamily\AppData\Local\Google</p><p></p><p>\Chrome\User Data\Default</p><p></p><p>\Extensions</p><p></p><p>\blpcfgokakmgnkcojhhkbfbldkacnbeo</p><p></p><p>[2013-08-04]</p><p>CHR Extension: (No Name) - C:\Users</p><p></p><p>\Sinnfamily\AppData\Local\Google</p><p></p><p>\Chrome\User Data\Default</p><p></p><p>\Extensions</p><p></p><p>\cbgbcgglihpocekaopnclahmonoolicp</p><p></p><p>[2013-08-22]</p><p>CHR Extension: (Google Search) - C:</p><p></p><p>\Users\Sinnfamily\AppData\Local</p><p></p><p>\Google\Chrome\User Data\Default</p><p></p><p>\Extensions</p><p></p><p>\coobgpohoikkiipiblmjeljniedjpjpf</p><p></p><p>[2013-08-04]</p><p>CHR Extension: (Bookmark Manager)</p><p></p><p>- C:\Users\Sinnfamily\AppData\Local</p><p></p><p>\Google\Chrome\User Data\Default</p><p></p><p>\Extensions</p><p></p><p>\gmlllbghnfkpflemihljekbapjopfjik</p><p></p><p>[2015-05-20]</p><p>CHR Extension: (Avast Online</p><p></p><p>Security) - C:\Users\Sinnfamily</p><p></p><p>\AppData\Local\Google\Chrome\User</p><p></p><p>Data\Default\Extensions</p><p></p><p>\gomekmidlodglbbmalcneegieacbdmki</p><p></p><p>[2015-05-20]</p><p>CHR Extension: (RealDownloader) -</p><p></p><p>C:\Users\Sinnfamily\AppData\Local</p><p></p><p>\Google\Chrome\User Data\Default</p><p></p><p>\Extensions</p><p></p><p>\idhngdhcfkoamngbedgpaokgjbnpdiji</p><p></p><p>[2013-08-22]</p><p>CHR Extension: (Chrome Hotword</p><p></p><p>Shared Module) - C:\Users</p><p></p><p>\Sinnfamily\AppData\Local\Google</p><p></p><p>\Chrome\User Data\Default</p><p></p><p>\Extensions</p><p></p><p>\lccekmodgklaepjeofjdjpbminllajkg</p><p></p><p>[2015-03-19]</p><p>CHR Extension: (Hangouts) - C:</p><p></p><p>\Users\Sinnfamily\AppData\Local</p><p></p><p>\Google\Chrome\User Data\Default</p><p></p><p>\Extensions</p><p></p><p>\nckgahadagoaajjgafhacjanaoiihapd</p><p></p><p>[2014-08-08]</p><p>CHR Extension: (Google Wallet) - C:</p><p></p><p>\Users\Sinnfamily\AppData\Local</p><p></p><p>\Google\Chrome\User Data\Default</p><p></p><p>\Extensions</p><p></p><p>\nmmhkkegccagdldgiimedpiccmgmied</p><p></p><p>a [2013-08-21]</p><p>CHR Extension: (Gmail) - C:\Users</p><p></p><p>\Sinnfamily\AppData\Local\Google</p><p></p><p>\Chrome\User Data\Default</p><p></p><p>\Extensions</p><p></p><p>\pjkljhegncpnkpknbcohdijeoejaedia</p><p></p><p>[2013-08-04]</p><p>CHR HKLM-x32\...\Chrome\Extension:</p><p></p><p>[gomekmidlodglbbmalcneegieacbdmki</p><p></p><p>] - C:\Program Files\AVAST Software</p><p></p><p>\Avast\WebRep\Chrome</p><p></p><p>\aswWebRepChrome.crx [2015-05-20]</p><p>CHR HKLM-x32\...\Chrome\Extension:</p><p></p><p>[idhngdhcfkoamngbedgpaokgjbnpdiji]</p><p></p><p>- C:\ProgramData\RealNetworks</p><p></p><p>\RealDownloader\BrowserPlugins</p><p></p><p>\Chrome\Ext\realdownloader.crx</p><p></p><p>[2013-08-14]</p><p></p><p>====================</p><p></p><p>Services (Whitelisted)</p><p></p><p>=================</p><p></p><p>(If an entry is included in the fixlist, it</p><p></p><p>will be removed from the registry. The</p><p></p><p>file will not be moved unless listed</p><p></p><p>separately.)</p><p></p><p>R2 avast! Antivirus; C:\Program Files</p><p></p><p>\AVAST Software\Avast\AvastSvc.exe</p><p></p><p>[343336 2015-05-20] (Avast Software</p><p></p><p>s.r.o.)</p><p>S2 avgfws; C:\Program Files</p><p></p><p>(x86)\AVG\AVG2015\avgfws.exe</p><p></p><p>[1517480 2015-04-15] (AVG</p><p></p><p>Technologies CZ, s.r.o.)</p><p>S2 AVGIDSAgent; C:\Program Files</p><p></p><p>(x86)\AVG\AVG2015\avgidsagent.exe</p><p></p><p>[3438032 2015-04-15] (AVG</p><p></p><p>Technologies CZ, s.r.o.)</p><p>S2 avgwd; C:\Program Files</p><p></p><p>(x86)\AVG\AVG2015\avgwdsvc.exe</p><p></p><p>[311792 2015-04-15] (AVG</p><p></p><p>Technologies CZ, s.r.o.)</p><p>R2 DiagTrack; C:\Windows</p><p></p><p>\system32\diagtrack.dll [1254400</p><p></p><p>2015-04-27] (Microsoft Corporation)</p><p>R2 EFS; C:\Windows</p><p></p><p>\SysWOW64\lsass.exe [0 2013-08-10]</p><p></p><p>() <==== ATTENTION (zero size</p><p></p><p>file/folder)</p><p>R2 HP Support Assistant Service; C:</p><p></p><p>\Program Files (x86)\Hewlett-Packard</p><p></p><p>\HP Support Framework</p><p></p><p>\hpsa_service.exe [92160 2013-11-04]</p><p></p><p>(Hewlett-Packard Company) [File not</p><p></p><p>signed]</p><p>S3 KeyIso; C:\Windows</p><p></p><p>\SysWOW64\lsass.exe [0 2013-08-10]</p><p></p><p>() <==== ATTENTION (zero size</p><p></p><p>file/folder)</p><p>R2 LightScribeService; c:\Program</p><p></p><p>Files (x86)\Common Files\LightScribe</p><p></p><p>\LSSrvc.exe [73728 2009-05-18]</p><p></p><p>(Hewlett-Packard Company) [File not</p><p></p><p>signed]</p><p>R2 MBAMScheduler; C:\Program Files</p><p></p><p>(x86)\Malwarebytes Anti-Malware</p><p></p><p>\mbamscheduler.exe [1871160 2015-</p><p></p><p>04-14] (Malwarebytes Corporation)</p><p>R2 MBAMService; C:\Program Files</p><p></p><p>(x86)\Malwarebytes Anti-Malware</p><p></p><p>\mbamservice.exe [1080120 2015-04</p><p></p><p>-14] (Malwarebytes Corporation)</p><p>S3 Netlogon; C:\Windows</p><p></p><p>\SysWOW64\lsass.exe [0 2013-08-10]</p><p></p><p>() <==== ATTENTION (zero size</p><p></p><p>file/folder)</p><p>R2 nvsvc; C:\Windows</p><p></p><p>\SysWOW64\nvvsvc.exe [0 2013-08-</p><p></p><p>10] () <==== ATTENTION (zero size</p><p></p><p>file/folder)</p><p>S3 ProtectedStorage; C:\Windows</p><p></p><p>\SysWOW64\lsass.exe [0 2013-08-10]</p><p></p><p>() <==== ATTENTION (zero size</p><p></p><p>file/folder)</p><p>R2 RealNetworks Downloader</p><p></p><p>Resolver Service; C:\Program Files</p><p></p><p>(x86)\RealNetworks\RealDownloader</p><p></p><p>\rndlresolversvc.exe [39056 2013-08-</p><p></p><p>14] ()</p><p>R2 SamSs; C:\Windows</p><p></p><p>\SysWOW64\lsass.exe [0 2013-08-10]</p><p></p><p>() <==== ATTENTION (zero size</p><p></p><p>file/folder)</p><p>R2 SBSDWSCService; C:\Program</p><p></p><p>Files (x86)\Spybot - Search & Destroy</p><p></p><p>\SDWinSec.exe [1153368 2009-01-26]</p><p></p><p>(Safer Networking Ltd.)</p><p>R2 Spooler; C:\Windows</p><p></p><p>\SysWOW64\spoolsv.exe [0 2013-08-</p><p></p><p>10] () <==== ATTENTION (zero size</p><p></p><p>file/folder)</p><p>S3 VaultSvc; C:\Windows</p><p></p><p>\SysWOW64\lsass.exe [0 2013-08-10]</p><p></p><p>() <==== ATTENTION (zero size</p><p></p><p>file/folder)</p><p>S3 WinDefend; C:\Program Files</p><p></p><p>\Windows Defender\mpsvc.dll</p><p></p><p>[1011712 2013-05-27] (Microsoft</p><p></p><p>Corporation)</p><p></p><p>====================</p><p></p><p>Drivers (Whitelisted)</p><p></p><p>====================</p><p></p><p>(If an entry is included in the fixlist, it</p><p></p><p>will be removed from the registry. The</p><p></p><p>file will not be moved unless listed</p><p></p><p>separately.)</p><p></p><p>R2 aswHwid; C:\Windows</p><p></p><p>\system32\drivers\aswHwid.sys</p><p></p><p>[29168 2015-05-20] ()</p><p>R2 aswMonFlt; C:\Windows</p><p></p><p>\system32\drivers\aswMonFlt.sys</p><p></p><p>[89944 2015-05-20] (Avast Software</p><p></p><p>s.r.o.)</p><p>R1 aswRdr; C:\Windows</p><p></p><p>\system32\drivers\aswRdr2.sys [93528</p><p></p><p>2015-05-20] (Avast Software s.r.o.)</p><p>R0 aswRvrt; C:\Windows</p><p></p><p>\System32\Drivers\aswRvrt.sys [65736</p><p></p><p>2015-05-20] ()</p><p>R1 aswSnx; C:\Windows</p><p></p><p>\system32\drivers\aswSnx.sys</p><p></p><p>[1047320 2015-05-20] (Avast</p><p></p><p>Software s.r.o.)</p><p>R1 aswSP; C:\Windows</p><p></p><p>\system32\drivers\aswSP.sys [442264</p><p></p><p>2015-05-20] (Avast Software s.r.o.)</p><p>R2 aswStm; C:\Windows</p><p></p><p>\system32\drivers\aswStm.sys</p><p></p><p>[137288 2015-05-20] (Avast Software</p><p></p><p>s.r.o.)</p><p>R0 aswVmm; C:\Windows</p><p></p><p>\System32\Drivers\aswVmm.sys</p><p></p><p>[272248 2015-05-20] ()</p><p>R1 Avgdiska; C:\Windows</p><p></p><p>\System32\DRIVERS\avgdiska.sys</p><p></p><p>[162784 2015-03-11] (AVG</p><p></p><p>Technologies CZ, s.r.o.)</p><p>R1 Avgfwfd; C:\Windows</p><p></p><p>\System32\DRIVERS\avgfwd6a.sys</p><p></p><p>[67040 2015-03-20] (AVG</p><p></p><p>Technologies CZ, s.r.o.)</p><p>R1 AVGIDSDriver; C:\Windows</p><p></p><p>\System32\DRIVERS\avgidsdrivera.sys</p><p></p><p>[284128 2015-04-09] (AVG</p><p></p><p>Technologies CZ, s.r.o.)</p><p>R0 AVGIDSHA; C:\Windows</p><p></p><p>\System32\DRIVERS\avgidsha.sys</p><p></p><p>[213984 2015-03-11] (AVG</p><p></p><p>Technologies CZ, s.r.o.)</p><p>R1 Avgldx64; C:\Windows</p><p></p><p>\System32\DRIVERS\avgldx64.sys</p><p></p><p>[256992 2015-04-15] (AVG</p><p></p><p>Technologies CZ, s.r.o.)</p><p>R0 Avgloga; C:\Windows</p><p></p><p>\System32\DRIVERS\avgloga.sys</p><p></p><p>[344544 2015-03-11] (AVG</p><p></p><p>Technologies CZ, s.r.o.)</p><p>R0 Avgmfx64; C:\Windows</p><p></p><p>\System32\DRIVERS\avgmfx64.sys</p><p></p><p>[137184 2015-04-03] (AVG</p><p></p><p>Technologies CZ, s.r.o.)</p><p>R0 Avgrkx64; C:\Windows</p><p></p><p>\System32\DRIVERS\avgrkx64.sys</p><p></p><p>[40928 2015-03-20] (AVG</p><p></p><p>Technologies CZ, s.r.o.)</p><p>R1 Avgtdia; C:\Windows</p><p></p><p>\System32\DRIVERS\avgtdia.sys</p><p></p><p>[291296 2015-04-07] (AVG</p><p></p><p>Technologies CZ, s.r.o.)</p><p>R3 MBAMProtector; C:\Windows</p><p></p><p>\system32\drivers\mbam.sys [25816</p><p></p><p>2015-04-14] (Malwarebytes</p><p></p><p>Corporation)</p><p>R3 MBAMSwissArmy; C:\Windows</p><p></p><p>\system32\drivers</p><p></p><p>\MBAMSwissArmy.sys [136408 2015-</p><p></p><p>05-22] (Malwarebytes Corporation)</p><p>R3 MBAMWebAccessControl; C:</p><p></p><p>\Windows\system32\drivers\mwac.sys</p><p></p><p>[63704 2015-04-14] (Malwarebytes</p><p></p><p>Corporation)</p><p>S3 SWDUMon; C:\Windows</p><p></p><p>\System32\DRIVERS\SWDUMon.sys</p><p></p><p>[16152 2014-06-22] ()</p><p>S1 qknfd; system32\drivers\qknfd.sys</p><p></p><p>[X]</p><p></p><p>====================</p><p></p><p>NetSvcs (Whitelisted)</p><p></p><p>===================</p><p></p><p>(If an entry is included in the fixlist, it</p><p></p><p>will be removed from the registry. The</p><p></p><p>file will not be moved unless listed</p><p></p><p>separately.)</p><p></p><p></p><p>==================== One</p><p></p><p>Month Created files and folders</p><p></p><p>========</p><p></p><p>(If an entry is included in the fixlist,</p><p></p><p>the file/folder will be moved.)</p><p></p><p>2015-05-21 21:21 - 2015-05-21 21:21</p><p></p><p>- 00098851 _____ () C:\Users</p><p></p><p>\Sinnfamily\Desktop\FRST.txt</p><p>2015-05-21 21:21 - 2015-05-21 21:21</p><p></p><p>- 00042993 _____ () C:\Users</p><p></p><p>\Sinnfamily\Desktop\Addition.txt</p><p>2015-05-21 20:37 - 2015-05-21 20:38</p><p></p><p>- 00042993 _____ () C:\Users</p><p></p><p>\Sinnfamily\Downloads\Addition.txt</p><p>2015-05-21 20:36 - 2015-05-22 16:12</p><p></p><p>- 00020220 _____ () C:\Users</p><p></p><p>\Sinnfamily\Downloads\FRST.txt</p><p>2015-05-21 20:35 - 2015-05-22 16:12</p><p></p><p>- 00000000 ____D () C:\FRST</p><p>2015-05-21 20:34 - 2015-05-21 20:34</p><p></p><p>- 02108416 _____ (Farbar) C:\Users</p><p></p><p>\Sinnfamily\Downloads\FRST64.exe</p><p>2015-05-21 20:21 - 2015-05-21 20:22</p><p></p><p>- 00465432 _____ () C:\Users</p><p></p><p>\Sinnfamily\Downloads</p><p></p><p>\ESETPoweliksCleaner.exe_20150521.</p><p></p><p>202107.4028.log</p><p>2015-05-21 20:21 - 2015-05-21 20:21</p><p></p><p>- 00000022 _____ () C:\Users</p><p></p><p>\Sinnfamily\Downloads</p><p></p><p>\ESETPoweliksCleaner.exe_20150521.</p><p></p><p>202107.4028.zip</p><p>2015-05-21 20:19 - 2015-05-21 20:19</p><p></p><p>- 00221384 _____ (ESET) C:\Users</p><p></p><p>\Sinnfamily\Downloads</p><p></p><p>\ESETPoweliksCleaner.exe</p><p>2015-05-20 19:51 - 2015-05-20 19:52</p><p></p><p>- 00001484 _____ () C:\Windows</p><p></p><p>\IE11_main.log</p><p>2015-05-20 19:51 - 2015-05-20 19:51</p><p></p><p>- 55915216 _____ (Microsoft</p><p></p><p>Corporation) C:\Users\Sinnfamily</p><p></p><p>\Downloads\IE11-Windows6.1-x64-</p><p></p><p>en-us.exe</p><p>2015-05-20 18:27 - 2015-05-20 18:27</p><p></p><p>- 00000000 ____D () C:\Users</p><p></p><p>\Sinnfamily\AppData\Roaming\AVAST</p><p></p><p>Software</p><p>2015-05-20 18:26 - 2015-05-20 18:26</p><p></p><p>- 01047320 _____ (Avast Software</p><p></p><p>s.r.o.) C:\Windows\system32\Drivers</p><p></p><p>\aswSnx.sys</p><p>2015-05-20 18:26 - 2015-05-20 18:26</p><p></p><p>- 00442264 _____ (Avast Software</p><p></p><p>s.r.o.) C:\Windows\system32\Drivers</p><p></p><p>\aswSP.sys</p><p>2015-05-20 18:26 - 2015-05-20 18:26</p><p></p><p>- 00364472 _____ (Avast Software</p><p></p><p>s.r.o.) C:\Windows</p><p></p><p>\system32\aswBoot.exe</p><p>2015-05-20 18:26 - 2015-05-20 18:26</p><p></p><p>- 00272248 _____ () C:\Windows</p><p></p><p>\system32\Drivers\aswVmm.sys</p><p>2015-05-20 18:26 - 2015-05-20 18:26</p><p></p><p>- 00137288 _____ (Avast Software</p><p></p><p>s.r.o.) C:\Windows\system32\Drivers</p><p></p><p>\aswStm.sys</p><p>2015-05-20 18:26 - 2015-05-20 18:26</p><p></p><p>- 00093528 _____ (Avast Software</p><p></p><p>s.r.o.) C:\Windows\system32\Drivers</p><p></p><p>\aswRdr2.sys</p><p>2015-05-20 18:26 - 2015-05-20 18:26</p><p></p><p>- 00089944 _____ (Avast Software</p><p></p><p>s.r.o.) C:\Windows\system32\Drivers</p><p></p><p>\aswMonFlt.sys</p><p>2015-05-20 18:26 - 2015-05-20 18:26</p><p></p><p>- 00065736 _____ () C:\Windows</p><p></p><p>\system32\Drivers\aswRvrt.sys</p><p>2015-05-20 18:26 - 2015-05-20 18:26</p><p></p><p>- 00043112 _____ (Avast Software</p><p></p><p>s.r.o.) C:\Windows\avastSS.scr</p><p>2015-05-20 18:26 - 2015-05-20 18:26</p><p></p><p>- 00029168 _____ () C:\Windows</p><p></p><p>\system32\Drivers\aswHwid.sys</p><p>2015-05-20 18:26 - 2015-05-20 18:26</p><p></p><p>- 00000000 ____D () C:\ProgramData</p><p></p><p>\Microsoft\Windows\Start Menu</p><p></p><p>\Programs\AVAST Software</p><p>2015-05-20 18:25 - 2015-05-20 18:25</p><p></p><p>- 00000000 ____D () C:\Program</p><p></p><p>Files\AVAST Software</p><p>2015-05-20 18:24 - 2015-05-20 18:24</p><p></p><p>- 05481336 _____ (Avast Software</p><p></p><p>s.r.o.) C:\Users\Sinnfamily</p><p></p><p>\Downloads</p><p></p><p>\avast_free_antivirus_setup_online_cn</p><p></p><p>et.exe</p><p>2015-05-20 18:24 - 2015-05-20 18:24</p><p></p><p>- 00000000 ____D () C:\ProgramData</p><p></p><p>\AVAST Software</p><p>2015-05-20 16:54 - 2015-05-20 16:54</p><p></p><p>- 00347816 _____ (Microsoft</p><p></p><p>Corporation) C:\Users\Sinnfamily</p><p></p><p>\Downloads</p><p></p><p>\MicrosoftFixit.ProgramInstallUninstall</p><p></p><p>.RNP.135558928799315.1.4.Run.exe</p><p>2015-05-20 16:43 - 2015-05-20 16:43</p><p></p><p>- 00347816 _____ (Microsoft</p><p></p><p>Corporation) C:\Users\Sinnfamily</p><p></p><p>\Downloads</p><p></p><p>\MicrosoftFixit.ProgramInstallUninstall</p><p></p><p>.RNP.Run (2).exe</p><p>2015-05-20 16:38 - 2015-05-20 16:38</p><p></p><p>- 00347816 _____ (Microsoft</p><p></p><p>Corporation) C:\Users\Sinnfamily</p><p></p><p>\Downloads</p><p></p><p>\MicrosoftFixit.ProgramInstallUninstall</p><p></p><p>.RNP.Run (1).exe</p><p>2015-05-20 16:34 - 2015-05-20 16:34</p><p></p><p>- 00039148 _____ () C:\Users</p><p></p><p>\Sinnfamily\Downloads</p><p></p><p>\ResultReport.html</p><p>2015-05-20 16:33 - 2015-05-20 16:44</p><p></p><p>- 00000000 ____D () C:\MATS</p><p>2015-05-20 16:32 - 2015-05-20 16:32</p><p></p><p>- 00347816 _____ (Microsoft</p><p></p><p>Corporation) C:\Users\Sinnfamily</p><p></p><p>\Downloads</p><p></p><p>\MicrosoftFixit.ProgramInstallUninstall</p><p></p><p>.RNP.Run.exe</p><p>2015-05-20 15:52 - 2015-05-22 16:10</p><p></p><p>- 00136408 _____ (Malwarebytes</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\Drivers</p><p></p><p>\MBAMSwissArmy.sys</p><p>2015-05-20 15:51 - 2015-05-20 16:23</p><p></p><p>- 00000000 ____D () C:\Program Files</p><p></p><p>(x86)\Malwarebytes Anti-Malware</p><p>2015-05-20 15:51 - 2015-05-20 15:51</p><p></p><p>- 00000000 ____D () C:\ProgramData</p><p></p><p>\Microsoft\Windows\Start Menu</p><p></p><p>\Programs\Malwarebytes Anti-</p><p></p><p>Malware</p><p>2015-05-20 15:51 - 2015-05-20 15:51</p><p></p><p>- 00000000 ____D () C:\ProgramData</p><p></p><p>\Malwarebytes</p><p>2015-05-20 15:51 - 2015-04-14 09:37</p><p></p><p>- 00107736 _____ (Malwarebytes</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\Drivers</p><p></p><p>\mbamchameleon.sys</p><p>2015-05-20 15:51 - 2015-04-14 09:37</p><p></p><p>- 00063704 _____ (Malwarebytes</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\Drivers\mwac.sys</p><p>2015-05-20 15:51 - 2015-04-14 09:37</p><p></p><p>- 00025816 _____ (Malwarebytes</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\Drivers\mbam.sys</p><p>2015-05-20 15:50 - 2015-05-20 15:50</p><p></p><p>- 21546080 _____ (Malwarebytes</p><p></p><p>Corporation ) C:\Users\Sinnfamily</p><p></p><p>\Downloads\mbam-setup-</p><p></p><p>2.1.6.1022.exe</p><p>2015-05-20 10:40 - 2015-05-20 10:40</p><p></p><p>- 00073896 _____ () C:\Users</p><p></p><p>\Sinnfamily\Downloads\[SURVEY</p><p></p><p>PREVIEW MODE] Spring into Summer</p><p></p><p>Feedback 2014 Survey Last years.htm</p><p>2015-05-20 10:32 - 2015-05-22 16:09</p><p></p><p>- 00000616 _____ () C:\Windows</p><p></p><p>\setupact.log</p><p>2015-05-20 10:32 - 2015-05-22 15:55</p><p></p><p>- 00079622 _____ () C:\Windows</p><p></p><p>\PFRO.log</p><p>2015-05-20 10:32 - 2015-05-20 10:32</p><p></p><p>- 00000000 _____ () C:\Windows</p><p></p><p>\setuperr.log</p><p>2015-05-20 09:46 - 2015-05-20 09:46</p><p></p><p>- 00003874 _____ () C:\Windows</p><p></p><p>\System32\Tasks\Google Update</p><p>2015-05-20 09:46 - 2015-05-20 09:46</p><p></p><p>- 00003694 _____ () C:\Windows</p><p></p><p>\System32\Tasks\Adobe Reader and</p><p></p><p>Acrobat Manager</p><p>2015-05-20 09:39 - 2015-05-20 09:39</p><p></p><p>- 00000000 ____D () C:\ProgramData</p><p></p><p>\Microsoft\Windows\Start Menu</p><p></p><p>\Programs\AVG PC TuneUp 2015</p><p>2015-05-20 09:37 - 2015-05-20 09:37</p><p></p><p>- 00000000 ____D () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local\Avg</p><p>2015-05-17 14:05 - 2015-05-21 06:17</p><p></p><p>- 00000000 ____D () C:\Users</p><p></p><p>\Sinnfamily\Desktop\Tre shower</p><p>2015-05-17 12:27 - 2015-05-17 12:27</p><p></p><p>- 00403453 _____ () C:\Users</p><p></p><p>\Sinnfamily\Documents\Tom Daddy</p><p></p><p>game.ods</p><p>2015-05-17 12:18 - 2015-05-17 12:18</p><p></p><p>- 00073896 _____ () C:\Users</p><p></p><p>\Sinnfamily\Desktop\[SURVEY</p><p></p><p>PREVIEW MODE] Spring into Summer</p><p></p><p>Feedback 2014 Survey Last years.htm</p><p>2015-05-14 18:10 - 2015-05-17 04:28</p><p></p><p>- 00000000 ____D () C:\Program Files</p><p></p><p>(x86)\Mozilla Firefox</p><p>2015-05-13 16:02 - 2015-05-13 16:02</p><p></p><p>- 00010896 _____ () C:\Users</p><p></p><p>\Sinnfamily\Desktop\upcoming</p><p></p><p>events.odt</p><p>2015-05-13 03:03 - 2015-05-01 08:17</p><p></p><p>- 00124112 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\PresentationCFFRasterizer</p><p></p><p>Native_v0300.dll</p><p>2015-05-13 03:03 - 2015-05-01 08:16</p><p></p><p>- 00102608 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\PresentationCFFRasterize</p><p></p><p>rNative_v0300.dll</p><p>2015-05-12 14:49 - 2015-05-04 20:29</p><p></p><p>- 00342016 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\schannel.dll</p><p>2015-05-12 14:49 - 2015-05-04 20:12</p><p></p><p>- 00248832 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\schannel.dll</p><p>2015-05-12 14:49 - 2015-04-21 21:28</p><p></p><p>- 00389840 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\iedkcs32.dll</p><p>2015-05-12 14:49 - 2015-04-21 20:48</p><p></p><p>- 00342736 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\iedkcs32.dll</p><p>2015-05-12 14:49 - 2015-04-21 12:14</p><p></p><p>- 24971776 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\mshtml.dll</p><p>2015-05-12 14:49 - 2015-04-21 12:08</p><p></p><p>- 02724864 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\mshtml.tlb</p><p>2015-05-12 14:49 - 2015-04-21 12:07</p><p></p><p>- 00004096 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\ieetwcollectorres.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:51</p><p></p><p>- 00066560 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\iesetup.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:50</p><p></p><p>- 00584192 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\vbscript.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:50</p><p></p><p>- 00417792 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\html.iec</p><p>2015-05-12 14:49 - 2015-04-21 11:50</p><p></p><p>- 00048640 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\ieetwproxystub.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:49</p><p></p><p>- 02885120 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\iertutil.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:48</p><p></p><p>- 00088064 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\MshtmlDac.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:41</p><p></p><p>- 00054784 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\jsproxy.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:40</p><p></p><p>- 00034304 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\iernonce.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:37</p><p></p><p>- 00633856 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\ieui.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:35</p><p></p><p>- 00816640 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\jscript.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:35</p><p></p><p>- 00144384 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\ieUnatt.exe</p><p>2015-05-12 14:49 - 2015-04-21 11:35</p><p></p><p>- 00114688 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\ieetwcollector.exe</p><p>2015-05-12 14:49 - 2015-04-21 11:34</p><p></p><p>- 00814080 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\jscript9diag.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:31</p><p></p><p>- 06025728 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\jscript9.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:26</p><p></p><p>- 00968704 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\MsSpellCheckingFacility.ex</p><p></p><p>e</p><p>2015-05-12 14:49 - 2015-04-21 11:25</p><p></p><p>- 02724864 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\mshtml.tlb</p><p>2015-05-12 14:49 - 2015-04-21 11:24</p><p></p><p>- 19691008 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\mshtml.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:22</p><p></p><p>- 00490496 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\dxtmsft.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:14</p><p></p><p>- 00077824 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\JavaScriptCollectionAgent.</p><p></p><p>dll</p><p>2015-05-12 14:49 - 2015-04-21 11:11</p><p></p><p>- 00504320 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\vbscript.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:11</p><p></p><p>- 00062464 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\iesetup.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:10</p><p></p><p>- 00047616 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\ieetwproxystub.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:09</p><p></p><p>- 00341504 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\html.iec</p><p>2015-05-12 14:49 - 2015-04-21 11:09</p><p></p><p>- 00199680 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\msrating.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:08</p><p></p><p>- 00092160 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\mshtmled.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:08</p><p></p><p>- 00064000 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\MshtmlDac.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:05</p><p></p><p>- 00316928 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\dxtrans.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:04</p><p></p><p>- 02278400 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\iertutil.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:03</p><p></p><p>- 00047104 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\jsproxy.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:02</p><p></p><p>- 00030720 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\iernonce.dll</p><p>2015-05-12 14:49 - 2015-04-21 11:00</p><p></p><p>- 00478208 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\ieui.dll</p><p>2015-05-12 14:49 - 2015-04-21 10:58</p><p></p><p>- 00664576 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\jscript.dll</p><p>2015-05-12 14:49 - 2015-04-21 10:58</p><p></p><p>- 00115712 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\ieUnatt.exe</p><p>2015-05-12 14:49 - 2015-04-21 10:57</p><p></p><p>- 00620032 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\jscript9diag.dll</p><p>2015-05-12 14:49 - 2015-04-21 10:49</p><p></p><p>- 00801280 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\msfeeds.dll</p><p>2015-05-12 14:49 - 2015-04-21 10:49</p><p></p><p>- 00720384 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\ie4uinit.exe</p><p>2015-05-12 14:49 - 2015-04-21 10:48</p><p></p><p>- 00418304 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\dxtmsft.dll</p><p>2015-05-12 14:49 - 2015-04-21 10:47</p><p></p><p>- 01359360 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\mshtmlmedia.dll</p><p>2015-05-12 14:49 - 2015-04-21 10:46</p><p></p><p>- 02125824 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\inetcpl.cpl</p><p>2015-05-12 14:49 - 2015-04-21 10:43</p><p></p><p>- 00060416 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\JavaScriptCollectionAgen</p><p></p><p>t.dll</p><p>2015-05-12 14:49 - 2015-04-21 10:40</p><p></p><p>- 14401536 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\ieframe.dll</p><p>2015-05-12 14:49 - 2015-04-21 10:39</p><p></p><p>- 00168960 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\msrating.dll</p><p>2015-05-12 14:49 - 2015-04-21 10:38</p><p></p><p>- 00076288 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\mshtmled.dll</p><p>2015-05-12 14:49 - 2015-04-21 10:36</p><p></p><p>- 00285696 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\dxtrans.dll</p><p>2015-05-12 14:49 - 2015-04-21 10:31</p><p></p><p>- 04305920 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\jscript9.dll</p><p>2015-05-12 14:49 - 2015-04-21 10:27</p><p></p><p>- 02352128 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\wininet.dll</p><p>2015-05-12 14:49 - 2015-04-21 10:26</p><p></p><p>- 00688640 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\msfeeds.dll</p><p>2015-05-12 14:49 - 2015-04-21 10:25</p><p></p><p>- 02052608 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\inetcpl.cpl</p><p>2015-05-12 14:49 - 2015-04-21 10:24</p><p></p><p>- 01155072 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\mshtmlmedia.dll</p><p>2015-05-12 14:49 - 2015-04-21 10:17</p><p></p><p>- 12828672 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\ieframe.dll</p><p>2015-05-12 14:49 - 2015-04-21 10:15</p><p></p><p>- 01547264 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\urlmon.dll</p><p>2015-05-12 14:49 - 2015-04-21 10:03</p><p></p><p>- 00800768 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\ieapfltr.dll</p><p>2015-05-12 14:49 - 2015-04-21 10:02</p><p></p><p>- 01882112 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\wininet.dll</p><p>2015-05-12 14:49 - 2015-04-21 09:58</p><p></p><p>- 01310208 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\urlmon.dll</p><p>2015-05-12 14:49 - 2015-04-21 09:56</p><p></p><p>- 00710144 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\ieapfltr.dll</p><p>2015-05-12 14:49 - 2015-04-17 22:10</p><p></p><p>- 00460800 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\certcli.dll</p><p>2015-05-12 14:49 - 2015-04-17 21:56</p><p></p><p>- 00342016 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\certcli.dll</p><p>2015-05-12 14:49 - 2015-04-12 22:28</p><p></p><p>- 00328704 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\services.exe</p><p>2015-05-12 14:48 - 2015-04-27 14:28</p><p></p><p>- 05569984 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\ntoskrnl.exe</p><p>2015-05-12 14:48 - 2015-04-27 14:28</p><p></p><p>- 00155584 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\Drivers\ksecpkg.sys</p><p>2015-05-12 14:48 - 2015-04-27 14:28</p><p></p><p>- 00095680 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\Drivers\ksecdd.sys</p><p>2015-05-12 14:48 - 2015-04-27 14:26</p><p></p><p>- 01728960 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\ntdll.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 01461760 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\lsasrv.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 01254400 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\diagtrack.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 01162752 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\kernel32.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 00879104 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\tdh.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 00879104 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\advapi32.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 00728064 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\kerberos.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 00503808 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\srcore.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 00424448 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\KernelBase.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 00362496 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\wow64win.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 00314880 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\msv1_0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 00309760 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\ncrypt.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 00243712 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\wow64.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 00215040 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\winsrv.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 00210944 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\wdigest.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 00136192 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\sspicli.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 00113664 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\sechost.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 00086528 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\TSpkg.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 00050176 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\srclient.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 00043520 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\csrsrv.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 00029184 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\sspisrv.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 00028160 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\secur32.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 00022016 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\credssp.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 00016384 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\ntvdm64.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:23</p><p></p><p>- 00013312 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\wow64cpu.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:22</p><p></p><p>- 00404992 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\tracerpt.exe</p><p>2015-05-12 14:48 - 2015-04-27 14:22</p><p></p><p>- 00338432 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\conhost.exe</p><p>2015-05-12 14:48 - 2015-04-27 14:22</p><p></p><p>- 00296960 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\rstrui.exe</p><p>2015-05-12 14:48 - 2015-04-27 14:22</p><p></p><p>- 00112640 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\smss.exe</p><p>2015-05-12 14:48 - 2015-04-27 14:22</p><p></p><p>- 00104448 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\logman.exe</p><p>2015-05-12 14:48 - 2015-04-27 14:22</p><p></p><p>- 00047104 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\typeperf.exe</p><p>2015-05-12 14:48 - 2015-04-27 14:22</p><p></p><p>- 00043008 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\relog.exe</p><p>2015-05-12 14:48 - 2015-04-27 14:22</p><p></p><p>- 00031232 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\lsass.exe</p><p>2015-05-12 14:48 - 2015-04-27 14:22</p><p></p><p>- 00019456 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\diskperf.exe</p><p>2015-05-12 14:48 - 2015-04-27 14:21</p><p></p><p>- 00064000 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\auditpol.exe</p><p>2015-05-12 14:48 - 2015-04-27 14:18</p><p></p><p>- 00146432 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\msaudite.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:18</p><p></p><p>- 00060416 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\msobjs.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00686080 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\adtschema.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00006656 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\apisetschema.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00006144 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-security-base-</p><p></p><p>l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00005120 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-file-l1-1-</p><p></p><p>0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00004608 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-</p><p></p><p>threadpool-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00004608 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-</p><p></p><p>processthreads-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00004096 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-sysinfo-l1</p><p></p><p>-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00004096 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-synch-l1-</p><p></p><p>1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00004096 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-</p><p></p><p>localregistry-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00004096 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-</p><p></p><p>localization-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00003584 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-</p><p></p><p>rtlsupport-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00003584 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-</p><p></p><p>processenvironment-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00003584 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-</p><p></p><p>namedpipe-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00003584 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-misc-l1-1</p><p></p><p>-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00003584 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-memory-</p><p></p><p>l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00003584 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-</p><p></p><p>libraryloader-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00003584 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-heap-l1-1</p><p></p><p>-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-xstate-l1</p><p></p><p>-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-util-l1-1-</p><p></p><p>0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-string-l1-</p><p></p><p>1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-profile-l1</p><p></p><p>-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-io-l1-1-</p><p></p><p>0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-</p><p></p><p>interlocked-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-handle-l1</p><p></p><p>-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-fibers-l1-</p><p></p><p>1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-</p><p></p><p>errorhandling-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-</p><p></p><p>delayload-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-debug-l1</p><p></p><p>-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-datetime-</p><p></p><p>l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:16</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\api-ms-win-core-console-</p><p></p><p>l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:11</p><p></p><p>- 03989440 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\ntkrnlpa.exe</p><p>2015-05-12 14:48 - 2015-04-27 14:11</p><p></p><p>- 03934144 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\ntoskrnl.exe</p><p>2015-05-12 14:48 - 2015-04-27 14:08</p><p></p><p>- 01310744 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\ntdll.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:05</p><p></p><p>- 00635392 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\tdh.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:05</p><p></p><p>- 00259584 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\msv1_0.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:05</p><p></p><p>- 00221184 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\ncrypt.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:05</p><p></p><p>- 00172032 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\wdigest.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:05</p><p></p><p>- 00092160 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\sechost.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:05</p><p></p><p>- 00065536 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\TSpkg.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:05</p><p></p><p>- 00043008 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\srclient.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:05</p><p></p><p>- 00022016 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\secur32.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:05</p><p></p><p>- 00014336 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\ntvdm64.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:04</p><p></p><p>- 00641536 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\advapi32.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:04</p><p></p><p>- 00550912 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\kerberos.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:04</p><p></p><p>- 00364544 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\tracerpt.exe</p><p>2015-05-12 14:48 - 2015-04-27 14:04</p><p></p><p>- 00082944 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\logman.exe</p><p>2015-05-12 14:48 - 2015-04-27 14:04</p><p></p><p>- 00040448 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\typeperf.exe</p><p>2015-05-12 14:48 - 2015-04-27 14:04</p><p></p><p>- 00037888 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\relog.exe</p><p>2015-05-12 14:48 - 2015-04-27 14:04</p><p></p><p>- 00025600 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\setup16.exe</p><p>2015-05-12 14:48 - 2015-04-27 14:04</p><p></p><p>- 00017408 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\credssp.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:03</p><p></p><p>- 01114112 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\kernel32.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:03</p><p></p><p>- 00274944 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\KernelBase.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:03</p><p></p><p>- 00096768 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\sspicli.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:03</p><p></p><p>- 00050176 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\auditpol.exe</p><p>2015-05-12 14:48 - 2015-04-27 14:03</p><p></p><p>- 00017408 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\diskperf.exe</p><p>2015-05-12 14:48 - 2015-04-27 14:03</p><p></p><p>- 00005120 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\wow32.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:01</p><p></p><p>- 00146432 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\msaudite.dll</p><p>2015-05-12 14:48 - 2015-04-27 14:01</p><p></p><p>- 00060416 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\msobjs.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00686080 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\adtschema.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00006656 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\apisetschema.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00005120 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-file-l1-1</p><p></p><p>-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00004608 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-</p><p></p><p>processthreads-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00004096 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-sysinfo-</p><p></p><p>l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00004096 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-synch-</p><p></p><p>l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00004096 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-misc-l1</p><p></p><p>-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00004096 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-</p><p></p><p>localregistry-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00004096 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-</p><p></p><p>localization-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00003584 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-</p><p></p><p>processenvironment-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00003584 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-</p><p></p><p>namedpipe-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00003584 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-</p><p></p><p>memory-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00003584 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-</p><p></p><p>libraryloader-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00003584 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-</p><p></p><p>interlocked-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00003584 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-heap-l1</p><p></p><p>-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-string-</p><p></p><p>l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-</p><p></p><p>rtlsupport-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-profile-</p><p></p><p>l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-io-l1-1-</p><p></p><p>0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-handle-</p><p></p><p>l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-fibers-</p><p></p><p>l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-</p><p></p><p>errorhandling-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-</p><p></p><p>delayload-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-debug-</p><p></p><p>l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-</p><p></p><p>datetime-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:59</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-</p><p></p><p>console-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 13:06</p><p></p><p>- 00036864 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\UtcResources.dll</p><p>2015-05-12 14:48 - 2015-04-27 12:57</p><p></p><p>- 00007680 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\instnm.exe</p><p>2015-05-12 14:48 - 2015-04-27 12:57</p><p></p><p>- 00002048 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\user.exe</p><p>2015-05-12 14:48 - 2015-04-27 12:55</p><p></p><p>- 00006144 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-security-</p><p></p><p>base-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 12:55</p><p></p><p>- 00004608 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-</p><p></p><p>threadpool-l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 12:55</p><p></p><p>- 00003584 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-xstate-</p><p></p><p>l1-1-0.dll</p><p>2015-05-12 14:48 - 2015-04-27 12:55</p><p></p><p>- 00003072 ____H (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\api-ms-win-core-util-l1-</p><p></p><p>1-0.dll</p><p>2015-05-12 14:48 - 2015-04-19 22:17</p><p></p><p>- 01647104 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\DWrite.dll</p><p>2015-05-12 14:48 - 2015-04-19 22:17</p><p></p><p>- 01179136 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\FntCache.dll</p><p>2015-05-12 14:48 - 2015-04-19 21:56</p><p></p><p>- 01250816 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\DWrite.dll</p><p>2015-05-12 14:48 - 2015-04-19 21:11</p><p></p><p>- 03204608 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\win32k.sys</p><p>2015-05-12 14:48 - 2015-04-07 22:29</p><p></p><p>- 00275456 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\InkEd.dll</p><p>2015-05-12 14:48 - 2015-04-07 22:29</p><p></p><p>- 00024576 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\jnwmon.dll</p><p>2015-05-12 14:48 - 2015-04-07 22:14</p><p></p><p>- 00216064 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\InkEd.dll</p><p>2015-05-12 14:48 - 2015-03-03 23:41</p><p></p><p>- 00342016 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\apphelp.dll</p><p>2015-05-12 14:48 - 2015-03-03 23:41</p><p></p><p>- 00072192 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\aelupsvc.dll</p><p>2015-05-12 14:48 - 2015-03-03 23:41</p><p></p><p>- 00023552 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\sdbinst.exe</p><p>2015-05-12 14:48 - 2015-03-03 23:41</p><p></p><p>- 00006656 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\shimeng.dll</p><p>2015-05-12 14:48 - 2015-03-03 23:11</p><p></p><p>- 00005120 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\shimeng.dll</p><p>2015-05-12 14:48 - 2015-03-03 23:10</p><p></p><p>- 00295936 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\apphelp.dll</p><p>2015-05-12 14:48 - 2015-03-03 23:10</p><p></p><p>- 00020992 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\sdbinst.exe</p><p>2015-05-12 14:48 - 2015-02-18 02:06</p><p></p><p>- 00123904 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\poqexec.exe</p><p>2015-05-12 14:48 - 2015-02-18 02:04</p><p></p><p>- 00142336 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\poqexec.exe</p><p>2015-05-12 14:48 - 2015-01-28 22:19</p><p></p><p>- 02543104 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\wpdshext.dll</p><p>2015-05-12 14:48 - 2015-01-28 22:02</p><p></p><p>- 02311168 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\wpdshext.dll</p><p>2015-05-11 22:02 - 2015-05-11 22:02</p><p></p><p>- 00000298 _____ () C:\Users</p><p></p><p>\Sinnfamily\Desktop\parking.txt</p><p>2015-05-09 23:33 - 2015-05-09 23:33</p><p></p><p>- 00000488 _____ () C:\Users</p><p></p><p>\Sinnfamily\Desktop\setup for</p><p></p><p>Heather.txt</p><p>2015-05-07 19:04 - 2015-05-15 04:21</p><p></p><p>- 00020716 _____ () C:\Users</p><p></p><p>\Sinnfamily\Desktop\planning.ods</p><p>2015-05-07 15:32 - 2015-05-07 15:32</p><p></p><p>- 00188416 _____ () C:\Users</p><p></p><p>\Sinnfamily\Desktop\certificate-of-</p><p></p><p>participation-1.pot</p><p>2015-04-27 10:01 - 2015-04-27 10:01</p><p></p><p>- 00000049 _____ () C:\Users</p><p></p><p>\Sinnfamily\Desktop\link to JSA</p><p></p><p>womans page.txt</p><p></p><p>==================== One</p><p></p><p>Month Modified files and folders</p><p></p><p>========</p><p></p><p>(If an entry is included in the fixlist,</p><p></p><p>the file/folder will be moved.)</p><p></p><p>2015-05-22 16:12 - 2009-11-26 12:46</p><p></p><p>- 01296374 _____ () C:\Windows</p><p></p><p>\WindowsUpdate.log</p><p>2015-05-22 16:10 - 2014-12-31 22:06</p><p></p><p>- 00000348 _____ () C:\Windows</p><p></p><p>\Tasks\HP Photo Creations</p><p></p><p>Communicator.job</p><p>2015-05-22 16:10 - 2013-03-20 10:23</p><p></p><p>- 00000412 _____ () C:\Windows</p><p></p><p>\Tasks</p><p></p><p>\FreeFileViewerUpdateChecker.job</p><p>2015-05-22 16:10 - 2011-09-21 15:49</p><p></p><p>- 00000894 _____ () C:\Windows</p><p></p><p>\Tasks</p><p></p><p>\GoogleUpdateTaskMachineCore.job</p><p>2015-05-22 16:09 - 2009-07-14 00:08</p><p></p><p>- 00000006 ____H () C:\Windows</p><p></p><p>\Tasks\SA.DAT</p><p>2015-05-22 16:03 - 2009-07-13 23:45</p><p></p><p>- 00018736 ____H () C:\Windows</p><p></p><p>\system32\7B296FB0-376B-497e-</p><p></p><p>B012-9C450E1B7327-5P-1.C7483456</p><p></p><p>-A289-439d-8115-601632D005A0</p><p>2015-05-22 16:03 - 2009-07-13 23:45</p><p></p><p>- 00018736 ____H () C:\Windows</p><p></p><p>\system32\7B296FB0-376B-497e-</p><p></p><p>B012-9C450E1B7327-5P-0.C7483456</p><p></p><p>-A289-439d-8115-601632D005A0</p><p>2015-05-22 16:00 - 2013-06-13 11:32</p><p></p><p>- 00000830 _____ () C:\Windows</p><p></p><p>\Tasks\Adobe Flash Player</p><p></p><p>Updater.job</p><p>2015-05-22 16:00 - 2009-07-14 00:13</p><p></p><p>- 00782510 _____ () C:\Windows</p><p></p><p>\system32\PerfStringBackup.INI</p><p>2015-05-22 15:59 - 2011-02-15 13:35</p><p></p><p>- 00000928 _____ () C:\Windows</p><p></p><p>\Tasks\GoogleUpdateTaskUserS-1-5-</p><p></p><p>21-2643768202-156854014-</p><p></p><p>2583388340-1001UA.job</p><p>2015-05-22 15:54 - 2011-02-15 13:35</p><p></p><p>- 00000876 _____ () C:\Windows</p><p></p><p>\Tasks\GoogleUpdateTaskUserS-1-5-</p><p></p><p>21-2643768202-156854014-</p><p></p><p>2583388340-1001Core.job</p><p>2015-05-22 15:49 - 2011-09-21 15:49</p><p></p><p>- 00000898 _____ () C:\Windows</p><p></p><p>\Tasks</p><p></p><p>\GoogleUpdateTaskMachineUA.job</p><p>2015-05-21 19:58 - 2009-12-20 10:43</p><p></p><p>- 00000000 ____D () C:\Users</p><p></p><p>\Sinnfamily\AppData\Roaming\Adobe</p><p>2015-05-21 06:23 - 2011-11-11 21:22</p><p></p><p>- 00000114 _____ () C:\Users</p><p></p><p>\Sinnfamily\jobq.dat</p><p>2015-05-21 06:22 - 2015-01-29 23:21</p><p></p><p>- 00000000 ____D () C:\Users</p><p></p><p>\Sinnfamily\Desktop\2015 SIS</p><p>2015-05-21 06:18 - 2011-04-11 23:59</p><p></p><p>- 00000000 ____D () C:\Users</p><p></p><p>\Sinnfamily\Desktop\Family tree</p><p>2015-05-21 06:17 - 2014-01-17 20:26</p><p></p><p>- 00000000 ____D () C:\Users</p><p></p><p>\Sinnfamily\Desktop\SIS 2014</p><p>2015-05-21 06:17 - 2010-12-11 22:17</p><p></p><p>- 00000000 ____D () C:\Users</p><p></p><p>\Sinnfamily\Desktop\BBR handouts &</p><p></p><p>interview stuff</p><p>2015-05-20 19:48 - 2010-09-17 22:46</p><p></p><p>- 00000000 ____D () C:\Users</p><p></p><p>\Sinnfamily\Desktop\New folder</p><p>2015-05-20 16:41 - 2010-09-30 09:14</p><p></p><p>- 00000000 ____D () C:\ProgramData</p><p></p><p>\MFAData</p><p>2015-05-20 16:13 - 2011-04-09 20:27</p><p></p><p>- 00000000 ____D () C:\Windows</p><p></p><p>\RegisteredPackages</p><p>2015-05-20 16:12 - 2014-02-16 13:40</p><p></p><p>- 00000000 ____D () C:\Program</p><p></p><p>Files\Conduit</p><p>2015-05-20 16:12 - 2014-02-16 13:40</p><p></p><p>- 00000000 ____D () C:\Program Files</p><p></p><p>(x86)\Conduit</p><p>2015-05-20 15:34 - 2012-01-01 11:18</p><p></p><p>- 00000000 ____D () C:\Windows\pss</p><p>2015-05-20 10:32 - 2014-12-13 20:32</p><p></p><p>- 00000352 _____ () C:\Windows</p><p></p><p>\Tasks</p><p></p><p>\HPCeeScheduleForSinnfamily.job</p><p>2015-05-20 09:45 - 2011-01-10 18:38</p><p></p><p>- 00000000 ____D () C:\Users</p><p></p><p>\Sinnfamily\AppData\Roaming\Skype</p><p>2015-05-20 09:45 - 2009-12-21 17:00</p><p></p><p>- 00000000 ____D () C:\Users</p><p></p><p>\Sinnfamily\AppData\Roaming</p><p></p><p>\HpUpdate</p><p>2015-05-20 09:45 - 2009-08-21 14:36</p><p></p><p>- 00000000 ____D () C:\ProgramData</p><p></p><p>\Temp</p><p>2015-05-20 09:45 - 2009-07-13 22:20</p><p></p><p>- 00000000 ____D () C:\Windows</p><p></p><p>\system32\sysprep</p><p>2015-05-20 09:40 - 2012-10-06 19:07</p><p></p><p>- 00000000 ____D () C:\ProgramData</p><p></p><p>\AVG</p><p>2015-05-20 09:39 - 2011-11-04 00:29</p><p></p><p>- 00000000 ____D () C:\Users</p><p></p><p>\Sinnfamily\AppData\Roaming\AVG</p><p>2015-05-20 09:39 - 2010-02-21 19:42</p><p></p><p>- 00000000 ____D () C:\Program Files</p><p></p><p>(x86)\AVG</p><p>2015-05-20 08:10 - 2014-12-13 20:32</p><p></p><p>- 00003216 _____ () C:\Windows</p><p></p><p>\System32\Tasks</p><p></p><p>\HPCeeScheduleForSinnfamily</p><p>2015-05-20 07:56 - 2009-07-14 00:08</p><p></p><p>- 00032560 _____ () C:\Windows</p><p></p><p>\Tasks\SCHEDLGU.TXT</p><p>2015-05-19 18:32 - 2012-04-08 14:23</p><p></p><p>- 00000000 ____D () C:\Users</p><p></p><p>\Sinnfamily\Desktop\BBR2012</p><p>2015-05-19 18:10 - 2015-04-05 03:01</p><p></p><p>- 00000000 ___SD () C:\Windows</p><p></p><p>\SysWOW64\GWX</p><p>2015-05-19 18:10 - 2015-04-05 03:01</p><p></p><p>- 00000000 ___SD () C:\Windows</p><p></p><p>\system32\GWX</p><p>2015-05-18 15:30 - 2011-04-09 20:27</p><p></p><p>- 00000000 ____D () C:\Users</p><p></p><p>\Sinnfamily\Documents\Family Tree</p><p></p><p>Maker</p><p>2015-05-17 04:54 - 2011-02-15 13:35</p><p></p><p>- 00003908 _____ () C:\Windows</p><p></p><p>\System32\Tasks</p><p></p><p>\GoogleUpdateTaskUserS-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001UA</p><p>2015-05-17 04:54 - 2011-02-15 13:35</p><p></p><p>- 00003512 _____ () C:\Windows</p><p></p><p>\System32\Tasks</p><p></p><p>\GoogleUpdateTaskUserS-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001Core</p><p>2015-05-17 04:28 - 2014-02-14 21:27</p><p></p><p>- 00000000 ____D () C:\Program Files</p><p></p><p>(x86)\Mozilla Maintenance Service</p><p>2015-05-16 19:27 - 2015-03-01 00:55</p><p></p><p>- 00000052 _____ () C:\Windows</p><p></p><p>\SysWOW64\DOErrors.log</p><p>2015-05-15 15:44 - 2011-09-21 15:49</p><p></p><p>- 00003894 _____ () C:\Windows</p><p></p><p>\System32\Tasks</p><p></p><p>\GoogleUpdateTaskMachineUA</p><p>2015-05-15 15:44 - 2011-09-21 15:49</p><p></p><p>- 00003642 _____ () C:\Windows</p><p></p><p>\System32\Tasks</p><p></p><p>\GoogleUpdateTaskMachineCore</p><p>2015-05-13 06:53 - 2009-07-13 22:20</p><p></p><p>- 00000000 ____D () C:\Windows</p><p></p><p>\rescache</p><p>2015-05-13 03:36 - 2009-07-13 23:45</p><p></p><p>- 00359008 _____ () C:\Windows</p><p></p><p>\system32\FNTCACHE.DAT</p><p>2015-05-13 03:35 - 2013-03-14 03:01</p><p></p><p>- 00000000 ____D () C:\Program</p><p></p><p>Files\Microsoft Silverlight</p><p>2015-05-13 03:35 - 2013-03-14 03:01</p><p></p><p>- 00000000 ____D () C:\Program Files</p><p></p><p>(x86)\Microsoft Silverlight</p><p>2015-05-13 03:32 - 2009-07-14 02:45</p><p></p><p>- 00000000 ____D () C:\Program</p><p></p><p>Files\Windows Journal</p><p>2015-05-13 03:32 - 2009-07-13 22:20</p><p></p><p>- 00000000 ____D () C:\Windows</p><p></p><p>\system32\AdvancedInstallers</p><p>2015-05-13 03:13 - 2013-08-01 03:05</p><p></p><p>- 00000000 ____D () C:\Windows</p><p></p><p>\system32\MRT</p><p>2015-05-13 03:08 - 2009-12-23 06:44</p><p></p><p>- 140425016 _____ (Microsoft</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\system32\MRT.exe</p><p>2015-05-13 03:03 - 2013-03-14 03:02</p><p></p><p>- 00000000 ____D () C:\ProgramData</p><p></p><p>\Microsoft\Windows\Start Menu</p><p></p><p>\Programs\Microsoft Silverlight</p><p>2015-05-11 08:30 - 2012-08-08 23:54</p><p></p><p>- 00000000 ____D () C:\Users</p><p></p><p>\Sinnfamily\Desktop\Newletter</p><p>2015-05-04 09:08 - 2010-01-14 19:11</p><p></p><p>- 00000000 ____D () C:\Users</p><p></p><p>\Sinnfamily\Desktop\Bills paid</p><p>2015-05-04 08:23 - 2009-07-13 22:20</p><p></p><p>- 00000000 ____D () C:\Windows</p><p></p><p>\system32\NDF</p><p>2015-05-04 07:48 - 2010-04-20 06:30</p><p></p><p>- 00000000 ____D () C:\Users</p><p></p><p>\Sinnfamily\Desktop\Scot's stuff</p><p>2015-05-04 07:46 - 2009-12-20 13:58</p><p></p><p>- 00029720 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Roaming</p><p></p><p>\wklnhst.dat</p><p>2015-04-30 16:38 - 2009-12-20 18:16</p><p></p><p>- 00000552 _____ () C:\Windows</p><p></p><p>\Tasks</p><p></p><p>\PCDRScheduledMaintenance.job</p><p>2015-04-30 07:06 - 2014-03-31 12:52</p><p></p><p>- 00000000 ____D () C:\ProgramData</p><p></p><p>\Microsoft\Windows\Start Menu</p><p></p><p>\Programs\AVG</p><p>2015-04-27 11:37 - 2013-10-22 08:27</p><p></p><p>- 00000000 ____D () C:\ProgramData</p><p></p><p>\Oracle</p><p>2015-04-27 11:37 - 2010-04-02 05:20</p><p></p><p>- 00000000 ____D () C:\Program Files</p><p></p><p>(x86)\Java</p><p>2015-04-27 11:36 - 2014-10-20 16:51</p><p></p><p>- 00098216 _____ (Oracle</p><p></p><p>Corporation) C:\Windows</p><p></p><p>\SysWOW64\WindowsAccessBridge-</p><p></p><p>32.dll</p><p></p><p>==================== Files</p><p></p><p>in the root of some directories</p><p></p><p>=======</p><p></p><p>2014-11-28 06:27 - 2015-03-12 23:04</p><p></p><p>- 0000115 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Roaming</p><p></p><p>\LogFile.txt</p><p>2009-12-20 13:58 - 2015-05-04 07:46</p><p></p><p>- 0029720 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Roaming</p><p></p><p>\wklnhst.dat</p><p>2011-10-04 16:39 - 2014-03-11 08:40</p><p></p><p>- 0123098 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local\ars.cache</p><p>2011-10-04 16:39 - 2014-03-11 08:40</p><p></p><p>- 1687450 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\census.cache</p><p>2010-01-21 22:06 - 2010-01-21 22:06</p><p></p><p>- 0000036 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\housecall.guid.cache</p><p>2011-11-04 15:30 - 2012-03-02 15:37</p><p></p><p>- 0007616 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\Resmon.ResmonCfg</p><p>2014-03-11 08:09 - 2014-03-11 08:09</p><p></p><p>- 0000010 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\sponge.last.runtime.cache</p><p>2012-07-02 13:31 - 2012-07-02 13:31</p><p></p><p>- 2799039 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmp008.JPG</p><p>2012-08-06 12:29 - 2012-08-06 12:30</p><p></p><p>- 2124933 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local\tmp1.JPG</p><p>2011-03-22 12:37 - 2011-03-22 12:37</p><p></p><p>- 0083509 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmp162721_1808201247450_1312501</p><p></p><p>035_2079019_43889_N[1].JPG</p><p>2011-08-23 20:28 - 2011-08-23 20:28</p><p></p><p>- 0014004 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmp168319_1869646863991_1325676</p><p></p><p>592_2419376_8148056_N.JPG</p><p>2012-04-18 11:45 - 2012-04-18 11:45</p><p></p><p>- 1242447 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local\tmp2012-</p><p></p><p>04-17_21-38-59_182.0</p><p>2012-04-18 11:45 - 2012-04-18 11:45</p><p></p><p>- 0499522 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local\tmp2012-</p><p></p><p>04-17_21-38-59_182.JPG</p><p>2012-10-23 11:40 - 2012-10-23 11:40</p><p></p><p>- 1284650 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmp20120205PARADE AWARD0001.0</p><p>2012-10-23 11:40 - 2012-10-23 11:40</p><p></p><p>- 0833582 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmp20120205PARADE</p><p></p><p>AWARD0001.JPG</p><p>2011-05-08 17:02 - 2011-05-08 17:02</p><p></p><p>- 0012434 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmp222240_158756360853195_10000</p><p></p><p>1564965041_380420_6001237_N.JPG</p><p>2011-06-18 23:29 - 2011-06-18 23:29</p><p></p><p>- 0276955 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmp257237_117407341680488_10000</p><p></p><p>2336692814_156079_3039679_O.0</p><p>2011-06-18 23:29 - 2011-06-18 23:29</p><p></p><p>- 0247997 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmp257237_117407341680488_10000</p><p></p><p>2336692814_156079_3039679_O.JPG</p><p>2012-10-28 12:49 - 2012-10-28 12:49</p><p></p><p>- 0040236 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmp2B98A1C0D66B.JPG</p><p>2012-07-23 17:15 - 2012-07-23 17:15</p><p></p><p>- 0042681 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmp530065_10151032695518389_150</p><p></p><p>0591922_N.JPG</p><p>2011-10-04 09:19 - 2011-10-04 09:19</p><p></p><p>- 0105908 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmp533706_DEFAULT.JPG</p><p>2011-03-22 12:30 - 2011-03-22 12:30</p><p></p><p>- 0044793 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmp6776_1225016944450_119979888</p><p></p><p>0_30669952_5465887_N[1].JPG</p><p>2012-03-04 15:59 - 2012-03-04 15:59</p><p></p><p>- 0007307 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmp70760_100000487607807_190706</p><p></p><p>0964_N.0</p><p>2012-03-04 15:59 - 2012-03-04 15:59</p><p></p><p>- 0007478 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmp70760_100000487607807_190706</p><p></p><p>0964_N.1</p><p>2012-03-04 15:59 - 2012-03-04 15:59</p><p></p><p>- 0007635 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmp70760_100000487607807_190706</p><p></p><p>0964_N.JPG</p><p>2012-08-08 12:22 - 2012-08-08 12:22</p><p></p><p>- 0145542 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpBO0222.JPG</p><p>2010-06-14 19:30 - 2010-06-14 19:30</p><p></p><p>- 3815225 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpCURIOSITY[1].0</p><p>2010-06-14 19:30 - 2010-06-14 19:30</p><p></p><p>- 0749501 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpCURIOSITY[1].JPG</p><p>2012-08-12 10:03 - 2012-08-12 10:03</p><p></p><p>- 0078042 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDFJJDAYS.0</p><p>2012-08-12 10:03 - 2012-08-12 10:03</p><p></p><p>- 0073577 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDFJJDAYS.JPG</p><p>2012-08-04 13:50 - 2012-08-04 13:50</p><p></p><p>- 3744944 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local\tmpDOTTY</p><p></p><p>2.JPG</p><p>2012-04-29 15:45 - 2012-04-29 15:45</p><p></p><p>- 3795290 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0066.JPG</p><p>2012-04-29 15:46 - 2012-04-29 15:46</p><p></p><p>- 4073377 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0067.JPG</p><p>2012-04-29 15:48 - 2012-04-29 15:48</p><p></p><p>- 3826196 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0068.JPG</p><p>2012-04-29 16:15 - 2012-04-29 16:15</p><p></p><p>- 3979096 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0069.JPG</p><p>2012-04-29 16:16 - 2012-04-29 16:16</p><p></p><p>- 3860447 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0071.JPG</p><p>2012-06-07 20:05 - 2012-06-07 20:05</p><p></p><p>- 1324937 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0113.0</p><p>2012-06-07 20:05 - 2012-06-07 20:05</p><p></p><p>- 1134693 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0113.JPG</p><p>2012-06-07 20:06 - 2012-06-07 20:10</p><p></p><p>- 1169968 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0114.0</p><p>2012-06-07 20:10 - 2012-06-07 20:10</p><p></p><p>- 1165070 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0114.JPG</p><p>2012-06-07 20:07 - 2012-06-07 20:07</p><p></p><p>- 1132928 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0115.0</p><p>2012-06-07 20:07 - 2012-06-07 20:07</p><p></p><p>- 1466839 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0115.JPG</p><p>2012-06-07 20:03 - 2012-06-07 20:03</p><p></p><p>- 1344625 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0121.0</p><p>2012-06-07 20:03 - 2012-06-07 20:03</p><p></p><p>- 0922643 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0121.JPG</p><p>2012-06-07 20:02 - 2012-06-07 20:02</p><p></p><p>- 1354697 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0126.0</p><p>2012-06-07 20:02 - 2012-06-07 20:02</p><p></p><p>- 0861878 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0126.JPG</p><p>2012-06-07 23:55 - 2012-06-07 23:55</p><p></p><p>- 3874104 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0129.JPG</p><p>2012-06-07 23:56 - 2012-06-07 23:56</p><p></p><p>- 0293557 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0129_CROP.JPG</p><p>2012-07-30 23:17 - 2012-07-30 23:17</p><p></p><p>- 3818272 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0222.0</p><p>2012-07-30 23:17 - 2012-07-30 23:17</p><p></p><p>- 1247679 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0222.1</p><p>2012-07-30 23:17 - 2012-07-30 23:17</p><p></p><p>- 1317022 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0222.JPG</p><p>2012-07-30 23:18 - 2012-07-30 23:18</p><p></p><p>- 3680209 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0223.0</p><p>2012-07-30 23:18 - 2012-07-30 23:18</p><p></p><p>- 1890416 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0223.JPG</p><p>2012-07-30 23:20 - 2012-07-30 23:20</p><p></p><p>- 4060088 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0224.0</p><p>2012-07-30 23:20 - 2012-07-30 23:20</p><p></p><p>- 1670553 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0224.JPG</p><p>2012-07-30 23:21 - 2012-07-30 23:21</p><p></p><p>- 3876040 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0225.0</p><p>2012-07-30 23:21 - 2012-07-30 23:21</p><p></p><p>- 1243214 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0225.JPG</p><p>2012-07-30 23:15 - 2012-07-30 23:15</p><p></p><p>- 3911025 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0228.0</p><p>2012-07-30 23:15 - 2012-07-30 23:15</p><p></p><p>- 1859570 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0228.JPG</p><p>2012-07-30 23:13 - 2012-07-30 23:13</p><p></p><p>- 3925542 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0230.0</p><p>2012-07-30 23:13 - 2012-07-30 23:13</p><p></p><p>- 1701643 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0230.JPG</p><p>2012-07-30 23:14 - 2012-07-30 23:14</p><p></p><p>- 3777079 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0231.0</p><p>2012-07-30 23:14 - 2012-07-30 23:14</p><p></p><p>- 1903590 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0231.JPG</p><p>2012-12-16 13:17 - 2012-12-16 13:17</p><p></p><p>- 2699209 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0423.0</p><p>2012-12-16 13:17 - 2012-12-16 13:17</p><p></p><p>- 0981494 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0423.JPG</p><p>2012-12-16 13:16 - 2012-12-16 13:16</p><p></p><p>- 2344082 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0427.JPG</p><p>2013-06-15 18:54 - 2013-06-15 18:54</p><p></p><p>- 3845545 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0646.JPG</p><p>2013-06-15 18:55 - 2013-06-15 18:55</p><p></p><p>- 3825319 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0648.JPG</p><p>2013-06-15 18:55 - 2013-06-15 18:55</p><p></p><p>- 3655438 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0654.JPG</p><p>2013-06-15 18:52 - 2013-06-15 18:52</p><p></p><p>- 3813732 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0657.JPG</p><p>2013-06-15 18:53 - 2013-06-15 18:53</p><p></p><p>- 3520275 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0661.JPG</p><p>2013-06-15 18:50 - 2013-06-15 18:50</p><p></p><p>- 3700495 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0662.JPG</p><p>2013-06-23 09:23 - 2013-06-23 09:23</p><p></p><p>- 3881342 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0669.JPG</p><p>2013-06-23 09:12 - 2013-06-23 09:12</p><p></p><p>- 4069139 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0683.JPG</p><p>2013-06-23 09:01 - 2013-06-23 09:01</p><p></p><p>- 3776503 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0692.JPG</p><p>2013-06-23 09:09 - 2013-06-23 09:09</p><p></p><p>- 3918280 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0693.JPG</p><p>2013-06-23 09:11 - 2013-06-23 09:11</p><p></p><p>- 4029641 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0694.JPG</p><p>2013-06-23 09:08 - 2013-06-23 09:08</p><p></p><p>- 3801721 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0695.JPG</p><p>2013-06-23 09:03 - 2013-06-23 09:03</p><p></p><p>- 4034112 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0696.0</p><p>2013-06-23 09:03 - 2013-06-23 09:03</p><p></p><p>- 1620362 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0696.JPG</p><p>2013-06-23 09:15 - 2013-06-23 09:15</p><p></p><p>- 3963372 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0699.JPG</p><p>2013-06-23 09:16 - 2013-06-23 09:16</p><p></p><p>- 3879562 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0700.JPG</p><p>2013-07-08 07:39 - 2013-07-08 07:39</p><p></p><p>- 4196228 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0709.JPG</p><p>2013-07-21 19:46 - 2013-07-21 19:46</p><p></p><p>- 3824830 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0757.JPG</p><p>2013-07-21 19:59 - 2013-07-21 19:59</p><p></p><p>- 4239298 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0766.JPG</p><p>2013-07-21 19:55 - 2013-07-21 19:55</p><p></p><p>- 3935137 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0775.0</p><p>2013-07-21 19:55 - 2013-07-21 19:55</p><p></p><p>- 1589176 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0775.JPG</p><p>2013-07-21 19:58 - 2013-07-21 19:58</p><p></p><p>- 3579938 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0777.0</p><p>2013-07-21 19:58 - 2013-07-21 19:58</p><p></p><p>- 1970441 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0777.JPG</p><p>2013-07-21 19:48 - 2013-07-21 19:48</p><p></p><p>- 3807746 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0779.0</p><p>2013-07-21 19:48 - 2013-07-21 19:48</p><p></p><p>- 1027164 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0779.JPG</p><p>2013-08-08 22:59 - 2013-08-08 22:59</p><p></p><p>- 3565728 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0824.JPG</p><p>2012-10-21 13:52 - 2012-10-21 13:52</p><p></p><p>- 2325452 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF0878.JPG</p><p>2010-01-16 21:18 - 2010-01-16 21:18</p><p></p><p>- 2048379 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1417.JPG</p><p>2010-07-10 09:40 - 2010-07-10 09:40</p><p></p><p>- 1265628 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1469.JPG</p><p>2010-05-31 07:57 - 2010-05-31 07:57</p><p></p><p>- 1277265 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1487.JPG</p><p>2010-05-31 07:42 - 2010-05-31 07:42</p><p></p><p>- 1272013 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1541.JPG</p><p>2010-06-06 09:18 - 2010-06-06 09:18</p><p></p><p>- 1263599 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1549.JPG</p><p>2010-06-06 09:20 - 2010-06-06 09:20</p><p></p><p>- 1301262 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1551.JPG</p><p>2010-06-06 09:22 - 2010-06-06 09:22</p><p></p><p>- 1306984 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1553.0</p><p>2010-06-06 09:22 - 2010-06-06 09:22</p><p></p><p>- 0547400 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1553.JPG</p><p>2010-06-06 09:23 - 2010-06-06 09:23</p><p></p><p>- 1309557 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1557.0</p><p>2010-06-06 09:23 - 2010-06-06 09:23</p><p></p><p>- 0473630 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1557.JPG</p><p>2010-06-06 09:25 - 2010-06-06 09:25</p><p></p><p>- 1267254 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1565.0</p><p>2010-06-06 09:25 - 2010-06-06 09:25</p><p></p><p>- 0594259 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1565.JPG</p><p>2010-06-06 09:27 - 2010-06-06 09:27</p><p></p><p>- 1339875 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1568.0</p><p>2010-06-06 09:27 - 2010-06-06 09:27</p><p></p><p>- 0520586 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1568.JPG</p><p>2010-06-06 09:29 - 2010-06-06 09:29</p><p></p><p>- 1280711 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1569.0</p><p>2010-06-06 09:29 - 2010-06-06 09:29</p><p></p><p>- 0518193 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1569.JPG</p><p>2010-06-06 09:30 - 2010-06-06 09:30</p><p></p><p>- 1274621 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1570.0</p><p>2010-06-06 09:30 - 2010-06-06 09:30</p><p></p><p>- 0599313 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1570.JPG</p><p>2010-06-06 09:32 - 2010-06-06 09:32</p><p></p><p>- 1304661 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1572.0</p><p>2010-06-06 09:32 - 2010-06-06 09:32</p><p></p><p>- 0564461 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1572.JPG</p><p>2010-06-06 09:33 - 2010-06-06 09:33</p><p></p><p>- 1300830 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1578.JPG</p><p>2010-08-22 20:39 - 2010-08-22 20:39</p><p></p><p>- 0121084 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1640.JPG</p><p>2010-08-22 20:44 - 2010-08-22 20:44</p><p></p><p>- 0117011 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1644.JPG</p><p>2010-08-22 20:41 - 2010-08-22 20:41</p><p></p><p>- 0117101 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1654.JPG</p><p>2010-08-30 11:06 - 2010-08-30 11:06</p><p></p><p>- 0122993 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1695.0</p><p>2010-08-30 11:06 - 2010-08-30 11:06</p><p></p><p>- 0060817 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1695.JPG</p><p>2010-09-06 18:15 - 2010-09-06 18:15</p><p></p><p>- 0124348 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1714.0</p><p>2010-09-06 18:15 - 2010-09-06 18:15</p><p></p><p>- 0108811 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1714.JPG</p><p>2010-09-06 18:22 - 2010-09-06 18:22</p><p></p><p>- 0118396 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1739.JPG</p><p>2010-09-06 18:20 - 2010-09-06 18:20</p><p></p><p>- 0118228 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1742.JPG</p><p>2010-09-06 18:21 - 2010-09-06 18:21</p><p></p><p>- 0114721 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1743.0</p><p>2010-09-06 18:21 - 2010-09-06 18:21</p><p></p><p>- 0041374 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1743.JPG</p><p>2010-09-06 18:19 - 2010-09-06 18:19</p><p></p><p>- 0118885 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1744.0</p><p>2010-09-06 18:19 - 2010-09-06 18:19</p><p></p><p>- 0045942 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1744.JPG</p><p>2010-09-07 12:21 - 2010-09-07 12:21</p><p></p><p>- 0120370 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1745.0</p><p>2010-09-07 12:21 - 2010-09-07 12:21</p><p></p><p>- 0052945 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1745.JPG</p><p>2010-09-07 12:24 - 2010-09-07 12:24</p><p></p><p>- 0114235 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1747.0</p><p>2010-09-07 12:24 - 2010-09-07 12:24</p><p></p><p>- 0040090 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1747.1</p><p>2010-09-07 12:24 - 2010-09-07 12:24</p><p></p><p>- 0041416 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1747.JPG</p><p>2010-10-03 18:18 - 2010-10-03 18:18</p><p></p><p>- 0119938 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1773.JPG</p><p>2010-12-19 18:29 - 2010-12-19 18:28</p><p></p><p>- 1293192 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1852.0</p><p>2010-12-19 18:29 - 2010-12-19 18:29</p><p></p><p>- 0614563 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1852.1</p><p>2010-12-19 18:29 - 2010-12-19 18:29</p><p></p><p>- 0614469 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1852.JPG</p><p>2010-12-19 18:27 - 2010-12-19 18:27</p><p></p><p>- 1280704 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1876.0</p><p>2010-12-19 18:27 - 2010-12-19 18:27</p><p></p><p>- 0580990 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1876.1</p><p>2010-12-19 18:27 - 2010-12-19 18:27</p><p></p><p>- 0580948 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1876.2</p><p>2010-12-19 18:27 - 2010-12-19 18:27</p><p></p><p>- 0580913 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1876.3</p><p>2010-12-19 18:27 - 2010-12-19 18:27</p><p></p><p>- 0580919 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1876.JPG</p><p>2010-12-24 22:15 - 2010-12-24 22:15</p><p></p><p>- 1305656 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1901.0</p><p>2010-12-24 22:15 - 2010-12-24 22:15</p><p></p><p>- 0567634 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1901.1</p><p>2010-12-24 22:16 - 2010-12-24 22:15</p><p></p><p>- 0567657 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1901.2</p><p>2010-12-24 22:16 - 2010-12-24 22:16</p><p></p><p>- 0567635 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1901.3</p><p>2010-12-24 22:16 - 2010-12-24 22:16</p><p></p><p>- 0567637 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1901.JPG</p><p>2010-12-24 22:14 - 2010-12-24 22:14</p><p></p><p>- 1277706 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1905.0</p><p>2010-12-24 22:14 - 2010-12-24 22:14</p><p></p><p>- 0599806 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1905.1</p><p>2010-12-24 22:14 - 2010-12-24 22:14</p><p></p><p>- 0599755 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1905.JPG</p><p>2011-01-07 00:56 - 2011-01-07 00:56</p><p></p><p>- 1284286 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1916.0</p><p>2011-01-07 00:56 - 2011-01-07 00:56</p><p></p><p>- 0611358 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1916.JPG</p><p>2011-02-05 01:04 - 2011-02-05 01:04</p><p></p><p>- 1306128 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1935.JPG</p><p>2011-02-05 01:06 - 2011-02-05 01:06</p><p></p><p>- 1310801 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1938.JPG</p><p>2011-02-05 01:07 - 2011-02-05 01:07</p><p></p><p>- 1283349 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1939.JPG</p><p>2011-02-05 01:09 - 2011-02-05 01:09</p><p></p><p>- 1268925 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1941.JPG</p><p>2011-02-05 01:10 - 2011-02-05 01:10</p><p></p><p>- 1267643 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1942.JPG</p><p>2011-02-05 01:11 - 2011-02-05 01:11</p><p></p><p>- 1284254 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1943.JPG</p><p>2011-02-05 01:13 - 2011-02-05 01:14</p><p></p><p>- 1301055 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1947.0</p><p>2011-02-05 01:14 - 2011-02-05 01:14</p><p></p><p>- 0466224 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1947.JPG</p><p>2011-02-05 01:15 - 2011-02-05 01:15</p><p></p><p>- 1293138 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1949.0</p><p>2011-02-05 01:15 - 2011-02-05 01:15</p><p></p><p>- 0472954 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1949.JPG</p><p>2011-02-05 01:16 - 2011-02-05 01:16</p><p></p><p>- 1259107 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1950.0</p><p>2011-02-05 01:17 - 2011-02-05 01:16</p><p></p><p>- 0437101 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1950.JPG</p><p>2011-02-05 01:17 - 2011-02-05 01:17</p><p></p><p>- 1282235 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1954.JPG</p><p>2011-02-05 01:19 - 2011-02-05 01:19</p><p></p><p>- 1308872 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1960.JPG</p><p>2011-02-13 17:34 - 2011-02-13 17:34</p><p></p><p>- 1271178 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1963.JPG</p><p>2011-02-13 17:35 - 2011-02-13 17:35</p><p></p><p>- 1276081 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1964.JPG</p><p>2011-02-13 17:36 - 2011-02-13 17:36</p><p></p><p>- 1279742 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1965.JPG</p><p>2011-02-13 17:42 - 2011-02-13 17:42</p><p></p><p>- 1292904 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1972.0</p><p>2011-02-13 17:42 - 2011-02-13 17:42</p><p></p><p>- 0595188 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1972.JPG</p><p>2011-02-15 22:00 - 2011-02-15 22:00</p><p></p><p>- 1294126 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1986.JPG</p><p>2011-02-24 22:24 - 2011-02-24 22:24</p><p></p><p>- 1307352 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1991.0</p><p>2011-02-24 22:24 - 2011-02-24 22:24</p><p></p><p>- 0549948 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1991.JPG</p><p>2011-03-06 17:46 - 2011-03-06 17:46</p><p></p><p>- 1318782 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF1997.JPG</p><p>2011-03-06 17:43 - 2011-03-06 17:43</p><p></p><p>- 1332932 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2002.0</p><p>2011-03-06 17:43 - 2011-03-06 17:43</p><p></p><p>- 0510210 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2002.JPG</p><p>2011-03-06 17:44 - 2011-03-06 17:44</p><p></p><p>- 1316416 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2003.JPG</p><p>2011-03-07 09:34 - 2011-03-07 09:33</p><p></p><p>- 1274890 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2004.0</p><p>2011-03-07 09:34 - 2011-03-07 09:34</p><p></p><p>- 0789483 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2004.JPG</p><p>2011-03-07 21:53 - 2011-03-07 21:53</p><p></p><p>- 1274885 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2005.JPG</p><p>2011-03-07 21:52 - 2011-03-07 21:52</p><p></p><p>- 1267421 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2010.JPG</p><p>2011-03-07 21:56 - 2011-03-07 21:56</p><p></p><p>- 1273974 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2011.JPG</p><p>2011-03-07 21:57 - 2011-03-07 21:57</p><p></p><p>- 1277302 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2013.JPG</p><p>2011-03-07 21:54 - 2011-03-07 21:54</p><p></p><p>- 1293404 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2017.JPG</p><p>2011-04-16 20:51 - 2011-04-16 20:51</p><p></p><p>- 1315581 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2025.JPG</p><p>2011-04-16 20:51 - 2011-04-16 20:51</p><p></p><p>- 1292080 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2026.JPG</p><p>2011-04-16 20:49 - 2011-04-16 20:49</p><p></p><p>- 1314801 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2035.0</p><p>2011-04-16 20:49 - 2011-04-16 20:49</p><p></p><p>- 0599006 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2035.JPG</p><p>2011-04-25 15:20 - 2011-04-25 15:20</p><p></p><p>- 1307596 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2112.JPG</p><p>2011-04-30 22:38 - 2011-04-30 22:38</p><p></p><p>- 1298066 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2136.JPG</p><p>2011-04-30 22:39 - 2011-04-30 22:39</p><p></p><p>- 1322262 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2138.JPG</p><p>2011-04-30 22:40 - 2011-04-30 22:40</p><p></p><p>- 1309634 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2139.JPG</p><p>2011-04-30 22:41 - 2011-04-30 22:41</p><p></p><p>- 1322904 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2140.JPG</p><p>2011-06-12 13:52 - 2011-06-12 13:52</p><p></p><p>- 1262679 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2169.JPG</p><p>2011-06-12 13:55 - 2011-06-12 13:55</p><p></p><p>- 1279366 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2177.JPG</p><p>2011-06-12 13:49 - 2011-06-12 13:49</p><p></p><p>- 1261334 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2180.JPG</p><p>2011-06-12 13:50 - 2011-06-12 13:50</p><p></p><p>- 1293257 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2182.JPG</p><p>2011-06-17 22:31 - 2011-06-17 22:31</p><p></p><p>- 1321172 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2183.0</p><p>2011-06-17 22:31 - 2011-06-17 22:31</p><p></p><p>- 0509959 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2183.JPG</p><p>2011-06-19 22:04 - 2011-06-19 22:04</p><p></p><p>- 0116703 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2187.JPG</p><p>2011-06-19 22:05 - 2011-06-19 22:05</p><p></p><p>- 0116082 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2190.JPG</p><p>2011-06-19 22:01 - 2011-06-19 22:01</p><p></p><p>- 0117748 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2193.JPG</p><p>2011-06-19 22:03 - 2011-06-19 22:03</p><p></p><p>- 0117035 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2197.JPG</p><p>2011-06-19 22:06 - 2011-06-19 22:06</p><p></p><p>- 0118663 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2200.JPG</p><p>2011-07-18 13:17 - 2011-07-18 13:17</p><p></p><p>- 0123013 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2229.0</p><p>2011-07-18 13:17 - 2011-07-18 13:17</p><p></p><p>- 0068474 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2229.JPG</p><p>2011-08-29 17:35 - 2011-08-29 17:35</p><p></p><p>- 0120964 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2385.JPG</p><p>2011-09-11 20:25 - 2011-09-11 20:25</p><p></p><p>- 0122540 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2393.JPG</p><p>2011-09-11 20:24 - 2011-09-11 20:24</p><p></p><p>- 0125335 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2395.JPG</p><p>2011-09-11 20:26 - 2011-09-11 20:26</p><p></p><p>- 0123971 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2398.JPG</p><p>2011-09-11 20:29 - 2011-09-11 20:29</p><p></p><p>- 0119387 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2405.JPG</p><p>2011-09-11 20:32 - 2011-09-11 20:32</p><p></p><p>- 0118672 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2421.JPG</p><p>2011-09-18 17:40 - 2011-09-18 17:40</p><p></p><p>- 1304426 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2449.JPG</p><p>2011-09-18 17:43 - 2011-09-18 17:43</p><p></p><p>- 1288406 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2458.JPG</p><p>2011-09-18 17:44 - 2011-09-18 17:44</p><p></p><p>- 1312647 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2459.JPG</p><p>2011-10-10 13:12 - 2011-10-10 13:12</p><p></p><p>- 1273619 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2582.JPG</p><p>2011-10-04 10:50 - 2011-10-04 10:50</p><p></p><p>- 1300377 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2616.0</p><p>2011-10-04 10:50 - 2011-10-04 10:50</p><p></p><p>- 0466372 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2616.JPG</p><p>2011-10-04 10:44 - 2011-10-04 10:44</p><p></p><p>- 1256158 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2623.0</p><p>2011-10-04 10:44 - 2011-10-04 10:44</p><p></p><p>- 0675864 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2623.JPG</p><p>2011-10-04 10:46 - 2011-10-04 10:46</p><p></p><p>- 1271643 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2625.0</p><p>2011-10-04 10:46 - 2011-10-04 10:47</p><p></p><p>- 1271643 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2625.JPG</p><p>2011-10-04 10:43 - 2011-10-04 10:43</p><p></p><p>- 1297844 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2629.0</p><p>2011-10-04 10:43 - 2011-10-04 10:43</p><p></p><p>- 0418412 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2629.JPG</p><p>2011-10-04 10:41 - 2011-10-04 10:41</p><p></p><p>- 1315743 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2632.0</p><p>2011-10-04 10:41 - 2011-10-04 10:41</p><p></p><p>- 0397200 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2632.JPG</p><p>2011-10-04 10:40 - 2011-10-04 10:40</p><p></p><p>- 1276351 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2633.JPG</p><p>2011-10-04 10:27 - 2011-10-04 10:27</p><p></p><p>- 1295723 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2654.0</p><p>2011-10-04 10:27 - 2011-10-04 10:27</p><p></p><p>- 0733257 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2654.JPG</p><p>2011-10-04 10:30 - 2011-10-04 10:30</p><p></p><p>- 1290307 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2655.0</p><p>2011-10-04 10:30 - 2011-10-04 10:30</p><p></p><p>- 0377537 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2655.JPG</p><p>2011-10-04 10:33 - 2011-10-04 10:33</p><p></p><p>- 1311450 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2658.JPG</p><p>2011-10-29 11:52 - 2011-10-29 11:52</p><p></p><p>- 1274442 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2812.0</p><p>2011-10-29 11:52 - 2011-10-29 11:52</p><p></p><p>- 0623965 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2812.JPG</p><p>2011-10-31 20:11 - 2011-10-31 20:11</p><p></p><p>- 1326983 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2817.JPG</p><p>2011-10-31 20:12 - 2011-10-31 20:12</p><p></p><p>- 1275600 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2819.JPG</p><p>2011-12-01 12:04 - 2011-12-01 12:04</p><p></p><p>- 1307556 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2829.0</p><p>2011-12-01 12:04 - 2011-12-01 12:04</p><p></p><p>- 0534391 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2829.JPG</p><p>2011-12-07 14:08 - 2011-12-07 14:08</p><p></p><p>- 1342024 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2837.0</p><p>2011-12-07 14:08 - 2011-12-07 14:08</p><p></p><p>- 0568931 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2837.JPG</p><p>2011-12-06 10:04 - 2011-12-06 10:04</p><p></p><p>- 1297713 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2843.0</p><p>2011-12-06 10:04 - 2011-12-06 10:04</p><p></p><p>- 0603624 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2843.JPG</p><p>2011-12-06 10:06 - 2011-12-06 10:06</p><p></p><p>- 1279630 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2845.0</p><p>2011-12-06 10:06 - 2011-12-06 10:06</p><p></p><p>- 0592591 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2845.JPG</p><p>2011-12-12 01:27 - 2011-12-12 01:27</p><p></p><p>- 1285879 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2945.JPG</p><p>2011-12-21 21:58 - 2011-12-21 21:58</p><p></p><p>- 1267066 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2964.JPG</p><p>2011-12-24 23:13 - 2011-12-24 23:13</p><p></p><p>- 1274787 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2968.JPG</p><p>2012-01-05 16:19 - 2012-01-05 16:19</p><p></p><p>- 1278695 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpDSCF2969.JPG</p><p>2011-04-13 10:47 - 2011-04-13 10:47</p><p></p><p>- 0119017 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpEPSON002.0</p><p>2011-04-13 10:47 - 2011-04-13 10:47</p><p></p><p>- 0141870 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpEPSON002.JPG</p><p>2011-04-14 18:15 - 2011-04-14 18:15</p><p></p><p>- 0208217 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpEPSON003[1].JPG</p><p>2011-03-11 18:43 - 2011-03-11 18:43</p><p></p><p>- 0947202 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpEXPO_004[1].JPG</p><p>2011-10-26 10:51 - 2011-10-26 10:51</p><p></p><p>- 0178994 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local\tmpGRAVE</p><p></p><p>MARKER.0</p><p>2011-10-26 10:51 - 2011-10-26 10:51</p><p></p><p>- 0181324 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local\tmpGRAVE</p><p></p><p>MARKER.1</p><p>2011-10-26 10:51 - 2011-10-26 10:51</p><p></p><p>- 0181741 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local\tmpGRAVE</p><p></p><p>MARKER.JPG</p><p>2012-12-20 23:24 - 2012-12-20 23:24</p><p></p><p>- 0057715 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpHAPPYTAILS.JPG</p><p>2012-09-25 23:18 - 2012-09-25 23:18</p><p></p><p>- 2490355 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpHARVEY.JPG</p><p>2012-09-25 23:16 - 2012-09-25 23:16</p><p></p><p>- 0021924 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpHARVEYJ-2.0</p><p>2012-09-25 23:16 - 2012-09-25 23:16</p><p></p><p>- 0016735 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpHARVEYJ-2.JPG</p><p>2013-07-22 22:56 - 2013-07-22 22:56</p><p></p><p>- 0757371 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpHIBBING CABIN MAP030.0</p><p>2013-07-22 22:56 - 2013-07-22 22:56</p><p></p><p>- 1097356 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpHIBBING CABIN MAP030.1</p><p>2013-07-22 22:56 - 2013-07-22 22:56</p><p></p><p>- 1118480 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpHIBBING CABIN MAP030.JPG</p><p>2011-09-20 11:04 - 2011-09-20 11:04</p><p></p><p>- 0013259 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpHOWLOWEEN2006.JPG</p><p>2011-06-03 12:10 - 2011-06-03 12:10</p><p></p><p>- 5016602 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpIMG_8563.0</p><p>2011-06-03 12:10 - 2011-06-03 12:10</p><p></p><p>- 1152240 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpIMG_8563.JPG</p><p>2011-06-03 12:11 - 2011-06-03 12:11</p><p></p><p>- 4223711 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpIMG_8589.0</p><p>2011-06-03 12:11 - 2011-06-03 12:11</p><p></p><p>- 0861439 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpIMG_8589.JPG</p><p>2011-06-03 12:19 - 2011-06-03 12:19</p><p></p><p>- 4716362 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpIMG_9086.0</p><p>2011-06-03 12:19 - 2011-06-03 12:19</p><p></p><p>- 1043970 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpIMG_9086.JPG</p><p>2011-01-01 19:05 - 2011-01-01 19:05</p><p></p><p>- 1166454 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpJESSICA,JESSE, JD5.JPG</p><p>2011-01-01 19:06 - 2011-01-01 19:06</p><p></p><p>- 0012015 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpJESSICA,JESSE, JD5_CROP.0</p><p>2011-01-01 19:06 - 2011-01-01 19:06</p><p></p><p>- 0012013 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpJESSICA,JESSE, JD5_CROP.JPG</p><p>2012-12-22 22:46 - 2012-12-22 22:46</p><p></p><p>- 1395219 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpJOHNBUSH2.JPG</p><p>2010-06-14 19:28 - 2010-06-14 19:28</p><p></p><p>- 3366613 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpLOOKING+AT+YOU[1].0</p><p>2010-06-14 19:28 - 2010-06-14 19:28</p><p></p><p>- 0697527 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpLOOKING+AT+YOU[1].JPG</p><p>2010-02-03 20:14 - 2011-08-23 09:25</p><p></p><p>- 0011382 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local\tmpME</p><p></p><p>AND TEUFEL.JPG</p><p>2010-05-29 22:01 - 2010-05-29 22:01</p><p></p><p>- 2076087 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpOUR_GIRL_MORGAN_MAY_2010</p><p></p><p>[1].0</p><p>2010-05-29 22:01 - 2010-05-29 22:01</p><p></p><p>- 0992653 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpOUR_GIRL_MORGAN_MAY_2010</p><p></p><p>[1].1</p><p>2010-05-29 22:01 - 2010-05-29 22:01</p><p></p><p>- 0982699 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpOUR_GIRL_MORGAN_MAY_2010</p><p></p><p>[1].2</p><p>2010-05-29 22:01 - 2010-05-29 22:01</p><p></p><p>- 1018182 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpOUR_GIRL_MORGAN_MAY_2010</p><p></p><p>[1].JPG</p><p>2012-08-08 12:24 - 2012-08-08 12:24</p><p></p><p>- 0222265 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpRICKSBASSETS07162012.JPG</p><p>2010-12-07 10:25 - 2010-12-07 10:25</p><p></p><p>- 2792446 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpSAM_0041[1].JPG</p><p>2010-12-07 10:27 - 2010-12-07 10:27</p><p></p><p>- 2724806 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpSAM_0042[1].JPG</p><p>2010-12-07 10:28 - 2010-12-07 10:28</p><p></p><p>- 2779611 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpSAM_0043[1].JPG</p><p>2013-02-21 23:45 - 2013-02-21 23:45</p><p></p><p>- 0305120 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local\tmpSIS</p><p></p><p>FLYER.JPG</p><p>2011-09-20 09:12 - 2011-09-20 09:12</p><p></p><p>- 0078677 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpSIS.JPG</p><p>2012-12-02 12:34 - 2012-12-02 12:34</p><p></p><p>- 1372344 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpTEUFEL 7.0</p><p>2012-12-02 12:34 - 2012-12-02 12:34</p><p></p><p>- 0690494 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpTEUFEL 7.JPG</p><p>2011-08-01 18:25 - 2011-08-01 18:25</p><p></p><p>- 0089772 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpTEUFEL AT BASSETFEST.JPG</p><p>2010-09-13 23:27 - 2010-09-13 23:27</p><p></p><p>- 0121804 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpTEUFEL3[1].JPG</p><p>2011-03-17 13:03 - 2011-03-17 13:03</p><p></p><p>- 0076429 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpTUEFFLES.0</p><p>2011-03-17 13:03 - 2011-03-17 13:03</p><p></p><p>- 0042211 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpTUEFFLES.1</p><p>2011-03-17 13:03 - 2011-03-17 13:03</p><p></p><p>- 0044867 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpTUEFFLES.JPG</p><p>2013-08-09 10:57 - 2013-08-09 10:57</p><p></p><p>- 0331186 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpTYKE.JPG</p><p>2012-12-22 22:50 - 2012-12-22 22:50</p><p></p><p>- 2270875 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpUNITED NATIONS COMMAND</p><p></p><p>SUPPORT GROUP.JPG</p><p>2011-09-20 09:12 - 2011-09-20 09:12</p><p></p><p>- 0115122 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpWELCOME FROM STONE</p><p></p><p>MOUNTAIN.JPG</p><p>2010-02-13 21:07 - 2010-02-13 21:07</p><p></p><p>- 0022618 _____ () C:\Users</p><p></p><p>\Sinnfamily\AppData\Local</p><p></p><p>\tmpWHITE_BUTTERFLY_SNIFFER</p><p></p><p>[1].JPG</p><p>2013-08-10 19:10 - 2013-08-10 19:10</p><p></p><p>- 0000000 _____ () C:\ProgramData</p><p></p><p>\3b203d3a29333421252a593f31_c</p><p>2014-10-19 18:23 - 2014-10-19 18:23</p><p></p><p>- 0000057 _____ () C:\ProgramData</p><p></p><p>\Ament.ini</p><p>2011-01-10 18:40 - 2011-01-10 18:40</p><p></p><p>- 0000056 ____H () C:\ProgramData</p><p></p><p>\ezsidmv.dat</p><p></p><p>Files to move or delete:</p><p>====================</p><p>C:\Users\Sinnfamily\jobq.dat</p><p></p><p></p><p>Some files in TEMP:</p><p>====================</p><p>C:\Users\Sinnfamily\AppData\Local</p><p></p><p>\Temp\DseShExt-x64.dll</p><p>C:\Users\Sinnfamily\AppData\Local</p><p></p><p>\Temp\DseShExt-x86.dll</p><p>C:\Users\Sinnfamily\AppData\Local</p><p></p><p>\Temp\SDShelEx-win32.dll</p><p>C:\Users\Sinnfamily\AppData\Local</p><p></p><p>\Temp\SDShelEx-x64.dll</p><p></p><p></p><p>Some zero byte size files/folders:</p><p>=======================</p><p></p><p>===</p><p>C:\Windows\SysWOW64\conhost.exe</p><p>C:\Windows\SysWOW64\csrss.exe</p><p>C:\Windows\SysWOW64\dwm.exe</p><p>C:\Windows\SysWOW64\lsass.exe</p><p>C:\Windows\SysWOW64\lsm.exe</p><p>C:\Windows\SysWOW64\nvvsvc.exe</p><p>C:\Windows\SysWOW64\services.exe</p><p>C:\Windows\SysWOW64\smss.exe</p><p>C:\Windows\SysWOW64\spoolsv.exe</p><p>C:\Windows\SysWOW64\taskhost.exe</p><p>C:\Windows\SysWOW64\winlogon.exe</p><p>C:\Windows</p><p></p><p>\SysWOW64\WUDFHost.exe</p><p>C:\Windows\System32\nvd3dum.dll</p><p>C:\Windows\System32\nvwgf2um.dll</p><p></p><p>====================</p><p></p><p>Bamital & volsnap Check</p><p></p><p>=================</p><p></p><p>(There is no automatic fix for files that</p><p></p><p>do not pass verification.)</p><p></p><p>C:\Windows\System32\winlogon.exe</p><p></p><p>=> File is digitally signed</p><p>C:\Windows\System32\wininit.exe =></p><p></p><p>File is digitally signed</p><p>C:\Windows\SysWOW64\wininit.exe</p><p></p><p>=> File is digitally signed</p><p>C:\Windows\explorer.exe => File is</p><p></p><p>digitally signed</p><p>C:\Windows\SysWOW64\explorer.exe</p><p></p><p>=> File is digitally signed</p><p>C:\Windows\System32\svchost.exe</p><p></p><p>=> File is digitally signed</p><p>C:\Windows\SysWOW64\svchost.exe</p><p></p><p>=> File is digitally signed</p><p>C:\Windows\System32\services.exe</p><p></p><p>=> File is digitally signed</p><p>C:\Windows\System32\User32.dll =></p><p></p><p>File is digitally signed</p><p>C:\Windows\SysWOW64\User32.dll</p><p></p><p>=> File is digitally signed</p><p>C:\Windows\System32\userinit.exe</p><p></p><p>=> File is digitally signed</p><p>C:\Windows\SysWOW64\userinit.exe</p><p></p><p>=> File is digitally signed</p><p>C:\Windows\System32\rpcss.dll =></p><p></p><p>File is digitally signed</p><p>C:\Windows\System32\Drivers</p><p></p><p>\volsnap.sys => File is digitally signed</p><p></p><p></p><p>LastRegBack: 2015-05-20 22:12</p><p></p><p>==================== End</p><p></p><p>of log </p><p></p><p>Additional scan result of Farbar</p><p></p><p>Recovery Scan Tool (x64) Version: 21</p><p></p><p>-05-2015</p><p>Ran by Sinnfamily at 2015-05-22</p><p></p><p>16:13:39</p><p>Running from C:\Users\Sinnfamily</p><p></p><p>\Downloads</p><p>Boot Mode: Normal</p><p>=======================</p><p></p><p>=======================</p><p></p><p>============</p><p></p><p></p><p>====================</p><p></p><p>Accounts:</p><p></p><p>=======================</p><p></p><p>======</p><p></p><p>Administrator (S-1-5-21-2643768202-</p><p></p><p>156854014-2583388340-500 -</p><p></p><p>Administrator - Disabled)</p><p>Guest (S-1-5-21-2643768202-</p><p></p><p>156854014-2583388340-501 - Limited</p><p></p><p>- Disabled)</p><p>HomeGroupUser$ (S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1002 - Limited - Enabled)</p><p>Sinnfamily (S-1-5-21-2643768202-</p><p></p><p>156854014-2583388340-1001 -</p><p></p><p>Administrator - Enabled) => C:\Users</p><p></p><p>\Sinnfamily</p><p></p><p>====================</p><p></p><p>Security Center</p><p></p><p>=======================</p><p></p><p>=</p><p></p><p>(If an entry is included in the fixlist, it</p><p></p><p>will be removed.)</p><p></p><p>AV: avast! Antivirus (Enabled - Up to</p><p></p><p>date) {17AD7D40-BA12-9C46-7131-</p><p></p><p>94903A54AD8B}</p><p>AV: AVG Internet Security 2015</p><p></p><p>(Disabled - Up to date) {4D41356F-</p><p></p><p>32AD-7C42-C820-63775EE4F413}</p><p>AS: Windows Defender (Disabled - Up</p><p></p><p>to date) {D68DDC3A-831F-4fae-9E44</p><p></p><p>-DA132C1ACF46}</p><p>AS: AVG Internet Security 2015</p><p></p><p>(Disabled - Up to date) {F620D48B-</p><p></p><p>1497-73CC-F290-58052563BEAE}</p><p>AS: avast! Antivirus (Enabled - Up to</p><p></p><p>date) {ACCC9CA4-9C28-93C8-4B81-</p><p></p><p>AFE241D3E736}</p><p></p><p>====================</p><p></p><p>Installed Programs</p><p></p><p>======================</p><p></p><p>(Only the adware programs with</p><p></p><p>"hidden" flag could be added to the</p><p></p><p>fixlist to unhide them. The adware</p><p></p><p>programs should be uninstalled</p><p></p><p>manually.)</p><p></p><p>Acrobat.com (HKLM-x32\...</p><p></p><p>\com.adobe.mauby.4875E02D9FB21E</p><p></p><p>E389F73B8D1702B320485DF8CE.1)</p><p></p><p>(Version: 2.3.0.0 - Adobe Systems</p><p></p><p>Incorporated)</p><p>Acrobat.com (x32 Version: 2.3.0 -</p><p></p><p>Adobe Systems Incorporated) Hidden</p><p>Adobe AIR (HKLM-x32\...\Adobe AIR)</p><p></p><p>(Version: 1.5.3.9120 - Adobe Systems</p><p></p><p>Inc.)</p><p>Adobe Flash Player 17 ActiveX</p><p></p><p>(HKLM-x32\...\Adobe Flash Player</p><p></p><p>ActiveX) (Version: 17.0.0.169 - Adobe</p><p></p><p>Systems Incorporated)</p><p>Adobe Flash Player 17 NPAPI (HKLM-</p><p></p><p>x32\...\Adobe Flash Player NPAPI)</p><p></p><p>(Version: 17.0.0.169 - Adobe Systems</p><p></p><p>Incorporated)</p><p>Adobe Reader XI (11.0.10) (HKLM-</p><p></p><p>x32\...\{AC76BA86-7AD7-1033-7B44-</p><p></p><p>AB0000000001}) (Version: 11.0.10 -</p><p></p><p>Adobe Systems Incorporated)</p><p>Adobe Shockwave Player 12.0</p><p></p><p>(HKLM-x32\...\Adobe Shockwave</p><p></p><p>Player) (Version: 12.0.2.122 - Adobe</p><p></p><p>Systems, Inc.)</p><p>Apple Application Support (HKLM-</p><p></p><p>x32\...\{46F044A5-CE8B-4196-984E-</p><p></p><p>5BD6525E361D}) (Version: 2.3.6 -</p><p></p><p>Apple Inc.)</p><p>Apple Software Update (HKLM-x32\...</p><p></p><p>\{789A5B64-9DD9-4BA5-915A-</p><p></p><p>F0FC0A1B7BFE}) (Version: 2.1.3.127 -</p><p></p><p>Apple Inc.)</p><p>Avast Free Antivirus (HKLM-x32\...</p><p></p><p>\Avast) (Version: 10.2.2218 - AVAST</p><p></p><p>Software)</p><p>AVG 2015 (Version: 15.0.5941 - AVG</p><p></p><p>Technologies) Hidden</p><p>Compatibility Pack for the 2007 Office</p><p></p><p>system (HKLM-x32\...\{90120000-</p><p></p><p>0020-0409-0000-0000000FF1CE})</p><p></p><p>(Version: 12.0.6612.1000 - Microsoft</p><p></p><p>Corporation)</p><p>Coupon Printer for Windows (HKLM-</p><p></p><p>x32\...\Coupon Printer for</p><p></p><p>Windows5.0.0.4) (Version: 5.0.0.4 -</p><p></p><p>Coupons.com Incorporated)</p><p>CyberLink DVD Suite Deluxe (HKLM-</p><p></p><p>x32\...\InstallShield_{1FBF6C24-</p><p></p><p>C1FD-4101-A42B-0C564F9E8E79})</p><p></p><p>(Version: 6.0.3101 - CyberLink Corp.)</p><p>DirectX for Managed Code Update</p><p></p><p>(Summer 2004) (x32 Version:</p><p></p><p>9.02.2904 - Microsoft) Hidden</p><p>Family Tree Maker 2011 (HKLM-</p><p></p><p>x32\...\Family Tree Maker 2011)</p><p></p><p>(Version: 20.0.379 - Ancestry.com)</p><p>Family Tree Maker 2011 (x32 Version:</p><p></p><p>20.0.379 - Ancestry.com) Hidden</p><p>FamilySearch Indexing 3.10.5</p><p></p><p>(HKLM-x32\...\0591-8077-9297-0833)</p><p></p><p>(Version: 3.10.5 - FamilySearch)</p><p>FamilySearch Linking 1.1.0 (HKLM-</p><p></p><p>x32\...\0591-8077-9297-0833-1)</p><p></p><p>(Version: 1.1.0 - FamilySearch)</p><p>FUJIFILM MyFinePix Studio 2.0</p><p></p><p>(HKLM-x32\...\FinePix Genie_is1)</p><p></p><p>(Version: - )</p><p>Google Chrome (HKLM-x32\...\Google</p><p></p><p>Chrome) (Version: 43.0.2357.65 -</p><p></p><p>Google Inc.)</p><p>Google Talk Plugin (HKLM-x32\...</p><p></p><p>\{CA3DD97D-1FD7-37A7-BD5C-</p><p></p><p>FC4430C8B8E6}) (Version: 5.41.2.0 -</p><p></p><p>Google)</p><p>Google Update Helper (x32 Version:</p><p></p><p>1.3.25.11 - Google Inc.) Hidden</p><p>Google Update Helper (x32 Version:</p><p></p><p>1.3.27.5 - Google Inc.) Hidden</p><p>Hardware Diagnostic Tools (HKLM\...</p><p></p><p>\PC-Doctor for Windows) (Version:</p><p></p><p>6.0.5434.08 - PC-Doctor, Inc.)</p><p>Hewlett-Packard ACLM.NET v1.2.2.3</p><p></p><p>(x32 Version: 1.00.0000 - Hewlett-</p><p></p><p>Packard Company) Hidden</p><p>Homepage Protection (HKLM-x32\...</p><p></p><p>\Homepage Protection) (Version: -</p><p></p><p>AOL Products)</p><p>HP Advisor (HKLM-x32\...</p><p></p><p>\{40FB8D7C-6FF8-4AF2-BC8B-</p><p></p><p>0B1DB32AF04B}) (Version:</p><p></p><p>3.3.12286.3436 - Hewlett-Packard)</p><p>HP ENVY 4500 series Basic Device</p><p></p><p>Software (HKLM\...\{38A08516-1847-</p><p></p><p>43E4-8076-9540B60EC43B}) (Version:</p><p></p><p>32.2.188.47710 - Hewlett-Packard</p><p></p><p>Co.)</p><p>HP ENVY 4500 series Help (HKLM-</p><p></p><p>x32\...\{95BECC50-22B4-4FCA-8A2E-</p><p></p><p>BF77713E6D3A}) (Version: 30.0.0 -</p><p></p><p>Hewlett Packard)</p><p>HP Games (HKLM-x32\...\WildTangent</p><p></p><p>hp Master Uninstall) (Version: 1.0.0.71</p><p></p><p>- WildTangent)</p><p>HP MediaSmart Demo (HKLM-x32\...</p><p></p><p>\{9DEF9686-CCB2-47B7-BF83-</p><p></p><p>B49EA21FA016}) (Version: 1.00.0000</p><p></p><p>- Hewlett-Packard)</p><p>HP MediaSmart DVD (HKLM-x32\...</p><p></p><p>\InstallShield_{DCCAD079-F92C-</p><p></p><p>44DA-B258-624FC6517A5A}) (Version:</p><p></p><p>3.0.3420 - Hewlett-Packard)</p><p>HP MediaSmart Movie Themes</p><p></p><p>(HKLM-x32\...\InstallShield_</p><p></p><p>{3023EBDA-BF1B-4831-B347-</p><p></p><p>E5018555F26E}) (Version: 3.0.3102 -</p><p></p><p>Hewlett-Packard)</p><p>HP MediaSmart Music/Photo/Video</p><p></p><p>(HKLM-x32\...\InstallShield_</p><p></p><p>{B2EE25B9-5B00-4ACF-94F0-</p><p></p><p>92433C28C39E}) (Version: 3.1.3601 -</p><p></p><p>Hewlett-Packard)</p><p>HP MediaSmart SmartMenu (HKLM\...</p><p></p><p>\{26280024-DFB7-4967-90DB-</p><p></p><p>7F9C6660D01E}) (Version: 3.0.28.2 -</p><p></p><p>Hewlett-Packard)</p><p>HP Odometer (HKLM-x32\...</p><p></p><p>\{B8AC1A89-FFD1-4F97-8051-</p><p></p><p>E505A160F562}) (Version: 2.10.0000 -</p><p></p><p>Hewlett-Packard)</p><p>HP Photo Creations (HKLM-x32\...\HP</p><p></p><p>Photo Creations) (Version:</p><p></p><p>1.0.0.16432 - HP)</p><p>HP Product Detection (HKLM-x32\...</p><p></p><p>\{A436F67F-687E-4736-BD2B-</p><p></p><p>537121A804CF}) (Version: 11.14.0001</p><p></p><p>- HP)</p><p>HP Remote Solution (HKLM-x32\...\HP</p><p></p><p>Remote Solution) (Version: 1.1.9.0 -</p><p></p><p>TopSeed)</p><p>HP Setup (HKLM-x32\...\{F3B912F5-</p><p></p><p>EB57-45AA-B3D1-EB532BCF6EF8})</p><p></p><p>(Version: 1.2.3220.3079 - Hewlett-</p><p></p><p>Packard)</p><p>HP Support Information (HKLM-</p><p></p><p>x32\...\{B9A03B7B-E0FF-4FB3-BA83-</p><p></p><p>762E58A1B0AA}) (Version: 10.1.0002</p><p></p><p>- Hewlett-Packard)</p><p>HP Support Solutions Framework</p><p></p><p>(HKLM-x32\...\{44157EB3-D8D0-</p><p></p><p>4BB1-B0F5-AD2C38814ED1})</p><p></p><p>(Version: 11.51.0027 - Hewlett-</p><p></p><p>Packard Company)</p><p>HP Update (HKLM-x32\...</p><p></p><p>\{912D30CF-F39E-4B31-AD9A-</p><p></p><p>123C6B794EE2}) (Version:</p><p></p><p>5.005.002.002 - Hewlett-Packard)</p><p>Java 8 Update 45 (HKLM-x32\...</p><p></p><p>\{26A24AE4-039D-4CA4-87B4-</p><p></p><p>2F83218045F0}) (Version: 8.0.450 -</p><p></p><p>Oracle Corporation)</p><p>LabelPrint (HKLM-x32\...</p><p></p><p>\InstallShield_{C59C179C-668D-49A9</p><p></p><p>-B6EA-0121CCFC1243}) (Version:</p><p></p><p>2.5.1901 - CyberLink Corp.)</p><p>LabelPrint (x32 Version: 2.5.1901 -</p><p></p><p>CyberLink Corp.) Hidden</p><p>LightScribe System Software (HKLM-</p><p></p><p>x32\...\{DD6C316A-FE75-4FBB-9D22-</p><p></p><p>4C1920232B72}) (Version: 1.18.5.1 -</p><p></p><p>LightScribe)</p><p>Malwarebytes Anti-Malware version</p><p></p><p>2.1.6.1022 (HKLM-x32\...</p><p></p><p>\Malwarebytes Anti-Malware_is1)</p><p></p><p>(Version: 2.1.6.1022 - Malwarebytes</p><p></p><p>Corporation)</p><p>Microsoft .NET Framework 4.5.2</p><p></p><p>(HKLM\...\{92FB6C44-E685-45AD-</p><p></p><p>9B20-CADF4CABA132} - 1033)</p><p></p><p>(Version: 4.5.51209 - Microsoft</p><p></p><p>Corporation)</p><p>Microsoft IntelliPoint 8.2 (HKLM\...</p><p></p><p>\Microsoft IntelliPoint 8.2) (Version:</p><p></p><p>8.20.468.0 - Microsoft Corporation)</p><p>Microsoft Office Home and Student 60</p><p></p><p>day trial (HKLM\...\OfficeTrial)</p><p></p><p>(Version: - )</p><p>Microsoft Office PowerPoint Viewer</p><p></p><p>2007 (English) (HKLM-x32\...</p><p></p><p>\{95120000-00AF-0409-0000-</p><p></p><p>0000000FF1CE}) (Version:</p><p></p><p>12.0.6612.1000 - Microsoft</p><p></p><p>Corporation)</p><p>Microsoft Primary Interoperability</p><p></p><p>Assemblies 2005 (HKLM-x32\...</p><p></p><p>\{D24DB8B9-BB6C-4334-9619-</p><p></p><p>BA1C650E13D3}) (Version:</p><p></p><p>8.0.50727.42 - Microsoft Corporation)</p><p>Microsoft Silverlight (HKLM\...</p><p></p><p>\{89F4137D-6C26-4A84-BDB8-</p><p></p><p>2E5A4BB71E00}) (Version:</p><p></p><p>5.1.40416.0 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 ATL</p><p></p><p>Update kb973923 - x64</p><p></p><p>8.0.50727.4053 (HKLM\...</p><p></p><p>\{B6E3757B-5E77-3915-866A-</p><p></p><p>CCFC4B8D194C}) (Version:</p><p></p><p>8.0.50727.4053 - Microsoft</p><p></p><p>Corporation)</p><p>Microsoft Visual C++ 2005 ATL</p><p></p><p>Update kb973923 - x86</p><p></p><p>8.0.50727.4053 (HKLM-x32\...</p><p></p><p>\{770657D0-A123-3C07-8E44-</p><p></p><p>1C83EC895118}) (Version:</p><p></p><p>8.0.50727.4053 - Microsoft</p><p></p><p>Corporation)</p><p>Microsoft Visual C++ 2005</p><p></p><p>Redistributable (HKLM-x32\...</p><p></p><p>\{710f4c1c-cc18-4c49-8cbf-</p><p></p><p>51240c89a1a2}) (Version: 8.0.61001 -</p><p></p><p>Microsoft Corporation)</p><p>Microsoft Visual C++ 2005</p><p></p><p>Redistributable (x64) - KB2467175</p><p></p><p>(HKLM\...\{aac9fcc4-dd9e-4add-</p><p></p><p>901c-b5496a07ab2e}) (Version:</p><p></p><p>8.0.51011 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005</p><p></p><p>Redistributable (x64) (HKLM\...</p><p></p><p>\{071c9b48-7c32-4621-a0ac-</p><p></p><p>3f809523288f}) (Version: 8.0.56336 -</p><p></p><p>Microsoft Corporation)</p><p>Microsoft Visual C++ 2005</p><p></p><p>Redistributable (x64) (HKLM\...</p><p></p><p>\{ad8a2fa1-06e7-4b0d-927d-</p><p></p><p>6e54b3d31028}) (Version: 8.0.61000 -</p><p></p><p>Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 ATL</p><p></p><p>Update kb973924 - x64</p><p></p><p>9.0.30729.4148 (HKLM\...</p><p></p><p>\{EE936C7A-EA40-31D5-9B65-</p><p></p><p>8E3E089C3828}) (Version:</p><p></p><p>9.0.30729.4148 - Microsoft</p><p></p><p>Corporation)</p><p>Microsoft Visual C++ 2008 ATL</p><p></p><p>Update kb973924 - x86</p><p></p><p>9.0.30729.4148 (HKLM-x32\...</p><p></p><p>\{002D9D5E-29BA-3E6D-9BC4-</p><p></p><p>3D7D6DBC735C}) (Version:</p><p></p><p>9.0.30729.4148 - Microsoft</p><p></p><p>Corporation)</p><p>Microsoft Visual C++ 2008</p><p></p><p>Redistributable - KB2467174 - x64</p><p></p><p>9.0.30729.5570 (HKLM\...</p><p></p><p>\{8338783A-0968-3B85-AFC7-</p><p></p><p>BAAE0A63DC50}) (Version:</p><p></p><p>9.0.30729.5570 - Microsoft</p><p></p><p>Corporation)</p><p>Microsoft Visual C++ 2008</p><p></p><p>Redistributable - KB2467174 - x86</p><p></p><p>9.0.30729.5570 (HKLM-x32\...</p><p></p><p>\{86CE85E6-DBAC-3FFD-B977-</p><p></p><p>E4B79F83C909}) (Version:</p><p></p><p>9.0.30729.5570 - Microsoft</p><p></p><p>Corporation)</p><p>Microsoft Visual C++ 2008</p><p></p><p>Redistributable - x64 9.0.21022</p><p></p><p>(HKLM\...\{350AA351-21FA-3270-</p><p></p><p>8B7A-835434E766AD}) (Version:</p><p></p><p>9.0.21022 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008</p><p></p><p>Redistributable - x64 9.0.30729.17</p><p></p><p>(HKLM\...\{8220EEFE-38CD-377E-</p><p></p><p>8595-13398D740ACE}) (Version:</p><p></p><p>9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008</p><p></p><p>Redistributable - x64 9.0.30729.6161</p><p></p><p>(HKLM\...\{5FCE6D76-F5DC-37AB-</p><p></p><p>B2B8-22AB8CEDB1D4}) (Version:</p><p></p><p>9.0.30729.6161 - Microsoft</p><p></p><p>Corporation)</p><p>Microsoft Visual C++ 2008</p><p></p><p>Redistributable - x86 9.0.21022</p><p></p><p>(HKLM-x32\...\{FF66E9F6-83E7-</p><p></p><p>3A3E-AF14-8DE9A809A6A4})</p><p></p><p>(Version: 9.0.21022 - Microsoft</p><p></p><p>Corporation)</p><p>Microsoft Visual C++ 2008</p><p></p><p>Redistributable - x86 9.0.21022.218</p><p></p><p>(HKLM-x32\...\{E503B4BF-F7BB-</p><p></p><p>3D5F-8BC8-F694B1CFF942}) (Version:</p><p></p><p>9.0.21022.218 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008</p><p></p><p>Redistributable - x86 9.0.30729.17</p><p></p><p>(HKLM-x32\...\{9A25302D-30C0-39D9</p><p></p><p>-BD6F-21E6EC160475}) (Version:</p><p></p><p>9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008</p><p></p><p>Redistributable - x86 9.0.30729.4148</p><p></p><p>(HKLM-x32\...\{1F1C2DFC-2D24-3E06</p><p></p><p>-BCB8-725134ADF989}) (Version:</p><p></p><p>9.0.30729.4148 - Microsoft</p><p></p><p>Corporation)</p><p>Microsoft Visual C++ 2008</p><p></p><p>Redistributable - x86 9.0.30729.6161</p><p></p><p>(HKLM-x32\...\{9BE518E6-ECC6-35A9</p><p></p><p>-88E4-87755C07200F}) (Version:</p><p></p><p>9.0.30729.6161 - Microsoft</p><p></p><p>Corporation)</p><p>Microsoft Visual C++ 2010 x86</p><p></p><p>Redistributable - 10.0.40219 (HKLM-</p><p></p><p>x32\...\{F0C3E5D1-1ADE-321E-8167-</p><p></p><p>68EF0DE699A5}) (Version: 10.0.40219</p><p></p><p>- Microsoft Corporation)</p><p>Microsoft Works (HKLM-x32\...</p><p></p><p>\{15BC8CD0-A65B-47D0-A2DD-</p><p></p><p>90A824590FA8}) (Version: 9.7.0621 -</p><p></p><p>Microsoft Corporation)</p><p>Microsoft WSE 3.0 Runtime (HKLM-</p><p></p><p>x32\...\{E3E71D07-CD27-46CB-8448-</p><p></p><p>16D4FB29AA13}) (Version: 3.0.5305.0</p><p></p><p>- Microsoft Corp.)</p><p>Mozilla Firefox 38.0.1 (x86 en-US)</p><p></p><p>(HKLM-x32\...\Mozilla Firefox 38.0.1</p><p></p><p>(x86 en-US)) (Version: 38.0.1 -</p><p></p><p>Mozilla)</p><p>Mozilla Maintenance Service (HKLM-</p><p></p><p>x32\...\MozillaMaintenanceService)</p><p></p><p>(Version: 37.0.1 - Mozilla)</p><p>MSXML 4.0 SP2 (KB954430) (HKLM-</p><p></p><p>x32\...\{86493ADD-824D-4B8E-BD72</p><p></p><p>-8C5DCDC52A71}) (Version:</p><p></p><p>4.20.9870.0 - Microsoft Corporation)</p><p>MSXML 4.0 SP2 (KB973688) (HKLM-</p><p></p><p>x32\...\{F662A8E6-F4DC-41A2-901E-</p><p></p><p>8C11F044BDEC}) (Version:</p><p></p><p>4.20.9876.0 - Microsoft Corporation)</p><p>MyHeritage Family Tree Builder</p><p></p><p>(HKLM-x32\...\Family Tree Builder)</p><p></p><p>(Version: 7.0.0.7128 -</p><p></p><p>MyHeritage.com)</p><p>NVIDIA Drivers (HKLM\...\NVIDIA</p><p></p><p>Drivers) (Version: 1.5 - NVIDIA</p><p></p><p>Corporation)</p><p>OpenOffice 4.1.0 (HKLM-x32\...</p><p></p><p>\{C87EF11D-36E9-479D-9898-</p><p></p><p>7541EA1E8A6A}) (Version: 4.10.9764</p><p></p><p>- Apache Software Foundation)</p><p>PictureMover (HKLM-x32\...</p><p></p><p>\{1896E712-2B3D-45eb-BCE9-</p><p></p><p>542742A51032}) (Version: 3.3.1.19 -</p><p></p><p>Hewlett-Packard Company)</p><p>Power2Go (HKLM-x32\...</p><p></p><p>\InstallShield_{40BF1E83-20EB-11D8</p><p></p><p>-97C5-0009C5020658}) (Version:</p><p></p><p>6.0.3101 - CyberLink Corp.)</p><p>Power2Go (x32 Version: 6.0.3101 -</p><p></p><p>CyberLink Corp.) Hidden</p><p>PowerDirector (HKLM-x32\...</p><p></p><p>\InstallShield_{CB099890-1D5F-11D5</p><p></p><p>-9EA9-0050BAE317E1}) (Version:</p><p></p><p>7.0.3101 - CyberLink Corp.)</p><p>PowerDirector (x32 Version: 7.0.3101</p><p></p><p>- CyberLink Corp.) Hidden</p><p>PowerRecover (x32 Version: 5.5.1923</p><p></p><p>- CyberLink Corp.) Hidden</p><p>Product Improvement Study for HP</p><p></p><p>ENVY 4500 series (HKLM\...</p><p></p><p>\{3A5F6684-5FD8-4660-A4DA-</p><p></p><p>BF60A20FCCFC}) (Version:</p><p></p><p>32.2.188.47710 - Hewlett-Packard</p><p></p><p>Co.)</p><p>QuickTime 7 (HKLM-x32\...</p><p></p><p>\{3D2CBC2C-65D4-4463-87AB-</p><p></p><p>BB2C859C1F3E}) (Version: 7.76.80.95</p><p></p><p>- Apple Inc.)</p><p>RAF (HKLM-x32\...\{E6B43401-E818-</p><p></p><p>4961-AFED-118DD8E87642})</p><p></p><p>(Version: 1.00.0001 - FUJIFILM</p><p></p><p>Corporation)</p><p>RealDownloader (x32 Version: 1.3.3 -</p><p></p><p>RealNetworks, Inc.) Hidden</p><p>Realtek High Definition Audio Driver</p><p></p><p>(HKLM-x32\...\{F132AF7F-7BCA-</p><p></p><p>4EDE-8A7C-958108FE7DBC})</p><p></p><p>(Version: 6.0.1.5882 - Realtek</p><p></p><p>Semiconductor Corp.)</p><p>Skype Toolbars (HKLM-x32\...</p><p></p><p>\{B6CF2967-C81E-40C0-9815-</p><p></p><p>C05774FEF120}) (Version: 5.3.7555 -</p><p></p><p>Skype Technologies S.A.)</p><p>Spybot - Search & Destroy (HKLM-</p><p></p><p>x32\...\{B4092C6D-E886-4CB2-BA68-</p><p></p><p>FE5A88D31DE6}_is1) (Version: 1.6.2 -</p><p></p><p>Safer Networking Limited)</p><p>swMSM (x32 Version: 12.0.0.1 -</p><p></p><p>Adobe Systems, Inc) Hidden</p><p>Uniblue RegistryBooster (HKLM-</p><p></p><p>x32\...\{E63E34A7-E552-412B-9E40-</p><p></p><p>FD6FC5227ABA}_is1) (Version: -</p><p></p><p>Uniblue Systems Ltd)</p><p>Visual C++ 8.0 Runtime Setup</p><p></p><p>Package (x64) (HKLM-x32\...</p><p></p><p>\{2FDBBCEA-62DB-45F4-B6E5-</p><p></p><p>0E1FB2A1F29D}) (Version: 9.0.0.623 -</p><p></p><p>AVG Technologies CZ, s.r.o.)</p><p>Visual Studio 2008 x64</p><p></p><p>Redistributables (HKLM-x32\...</p><p></p><p>\{FCDBEA60-79F0-4FAE-BBA8-</p><p></p><p>55A26C609A49}) (Version: 10.0.0.2 -</p><p></p><p>AVG Technologies)</p><p>Visual Studio 2010 x64</p><p></p><p>Redistributables (HKLM\...</p><p></p><p>\{21B133D6-5979-47F0-BE1C-</p><p></p><p>F6A6B304693F}) (Version: 13.0.0.1 -</p><p></p><p>AVG Technologies)</p><p>Visual Studio 2012 x64</p><p></p><p>Redistributables (HKLM\...</p><p></p><p>\{8C775E70-A791-4DA8-BCC3-</p><p></p><p>6AB7136F4484}) (Version: 14.0.0.1 -</p><p></p><p>AVG Technologies)</p><p>Visual Studio 2012 x86</p><p></p><p>Redistributables (HKLM-x32\...</p><p></p><p>\{98EFF19A-30AB-4E4B-B943-</p><p></p><p>F06B1C63EBF8}) (Version: 14.0.0.1 -</p><p></p><p>AVG Technologies CZ, s.r.o.)</p><p>Windows Media Encoder 9 Series</p><p></p><p>(HKLM-x32\...\Windows Media</p><p></p><p>Encoder 9) (Version: - )</p><p>Yahoo! Software Update (HKLM-</p><p></p><p>x32\...\Yahoo! Software Update)</p><p></p><p>(Version: - )</p><p></p><p>====================</p><p></p><p>Custom CLSID (Whitelisted):</p><p></p><p>=======================</p><p></p><p>===</p><p></p><p>(If an entry is included in the fixlist, it</p><p></p><p>will be removed from the registry. The</p><p></p><p>file will not be moved unless listed</p><p></p><p>separately.)</p><p></p><p></p><p>====================</p><p></p><p>Restore Points</p><p></p><p>=======================</p><p></p><p>==</p><p></p><p>13-05-2015 03:00:38 Windows Update</p><p>19-05-2015 18:09:50 Windows Update</p><p>20-05-2015 09:37:59 Installed AVG PC</p><p></p><p>TuneUp 2015</p><p>20-05-2015 16:44:33 AVG 2015</p><p></p><p>====================</p><p></p><p>Hosts content:</p><p></p><p>=======================</p><p></p><p>========</p><p></p><p>(If needed Hosts: directive could be</p><p></p><p>included in the fixlist to reset Hosts.)</p><p></p><p>2009-07-13 21:34 - 2009-06-10 16:00</p><p></p><p>- 00000824 ____A C:\Windows</p><p></p><p>\system32\Drivers\etc\hosts</p><p></p><p>====================</p><p></p><p>Scheduled Tasks (Whitelisted)</p><p></p><p>=============</p><p></p><p>(If an entry is included in the fixlist, it</p><p></p><p>will be removed from the registry. The</p><p></p><p>file will not be moved unless listed</p><p></p><p>separately.)</p><p></p><p>Task: {00DE05F7-C4C2-4461-B40C-</p><p></p><p>0CA9AEAFB3D7} - System32\Tasks</p><p></p><p>\DVDAgent => c:\Program Files</p><p></p><p>(x86)\Hewlett-Packard\Media\DVD</p><p></p><p>\DVDAgent.exe [2009-10-20]</p><p></p><p>(CyberLink Corp.)</p><p>Task: {048B52EB-3E7E-4737-81C5-</p><p></p><p>ACC489A6E904} - System32\Tasks</p><p></p><p>\Microsoft_Hardware_Launch_IPoint_</p><p></p><p>exe => c:\Program Files\Microsoft</p><p></p><p>IntelliPoint\IPoint.exe [2011-08-01]</p><p></p><p>(Microsoft Corporation)</p><p>Task: {0D301EBB-5114-4655-8904-</p><p></p><p>9DE15036F3C8} - System32\Tasks</p><p></p><p>\Hewlett-Packard\HP Support</p><p></p><p>Assistant</p><p></p><p>\WarrantyChecker_DeviceScan => C:</p><p></p><p>\Program Files (x86)\Hewlett-Packard</p><p></p><p>\HP Support Framework\Resources</p><p></p><p>\HPWarrantyCheck</p><p></p><p>\HPWarrantyChecker.exe [2015-04-</p><p></p><p>14] (Hewlett-Packard)</p><p>Task: {17B83FB2-BD08-4668-BBA5-</p><p></p><p>1E0D76ADCB97} - System32\Tasks</p><p></p><p>\Microsoft\Windows\Setup\gwx</p><p></p><p>\launchtrayprocess => C:\Windows</p><p></p><p>\system32\GWX\GWX.exe [2015-05-</p><p></p><p>07] (Microsoft Corporation)</p><p>Task: {2B1C0F13-4C81-4717-B976-</p><p></p><p>9DE922CB21F4} - System32\Tasks</p><p></p><p>\Apple\AppleSoftwareUpdate => C:</p><p></p><p>\Program Files (x86)\Apple Software</p><p></p><p>Update\SoftwareUpdate.exe [2011-</p><p></p><p>06-01] (Apple Inc.)</p><p>Task: {36D38275-813C-4788-B1AB-</p><p></p><p>3779C3F2F598} - System32\Tasks</p><p></p><p>\GoogleUpdateTaskMachineUA => C:</p><p></p><p>\Program Files (x86)\Google\Update</p><p></p><p>\GoogleUpdate.exe [2014-10-18]</p><p></p><p>(Google Inc.)</p><p>Task: {5B105DDE-C5D1-42E9-A71A-</p><p></p><p>B1D20E9FCB26} - System32\Tasks</p><p></p><p>\FreeFileViewerUpdateChecker => C:</p><p></p><p>\Program Files (x86)\FreeFileViewer</p><p></p><p>\FFVCheckForUpdates.exe <====</p><p></p><p>ATTENTION</p><p>Task: {6267E7E9-9D6A-41CA-A45C-</p><p></p><p>EC8E2D68322B} - System32\Tasks</p><p></p><p>\GoogleUpdateTaskUserS-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001Core => C:\Users\Sinnfamily</p><p></p><p>\AppData\Local\Google\Update</p><p></p><p>\GoogleUpdate.exe [2014-10-22]</p><p></p><p>(Google Inc.)</p><p>Task: {6ACE0257-90C2-433B-9293-</p><p></p><p>A8913B336AFB} - System32\Tasks</p><p></p><p>\RealUpgradeScheduledTaskS-1-5-21</p><p></p><p>-2643768202-156854014-2583388340</p><p></p><p>-1001 => C:\Program Files</p><p></p><p>(x86)\Real\RealUpgrade</p><p></p><p>\RealUpgrade.exe</p><p>Task: {6E4E334F-75C0-46E8-81FE-</p><p></p><p>2243052EC701} - System32\Tasks</p><p></p><p>\PCDRScheduledMaintenance => C:</p><p></p><p>\Program Files\PC-Doctor for</p><p></p><p>Windows\pcdr5cuiw32.exe [2009-07-</p><p></p><p>02] (PC-Doctor, Inc.)</p><p>Task: {726F081B-293C-4B46-8725-</p><p></p><p>F09B51D31EC8} - \ProgramRefresh-</p><p></p><p>ATFST No Task File <====</p><p></p><p>ATTENTION</p><p>Task: {72B810CC-FF0E-4D5E-A275-</p><p></p><p>971FD7D12A79} - System32\Tasks</p><p></p><p>\Hewlett-Packard\HP Support</p><p></p><p>Assistant\HP Support Assistant Quick</p><p></p><p>Start => C:\Program Files</p><p></p><p>(x86)\Hewlett-Packard\HP Support</p><p></p><p>Framework\HPSF.exe [2013-11-04]</p><p></p><p>(Hewlett-Packard Company)</p><p>Task: {7B4207E6-F2CF-45C3-BE5B-</p><p></p><p>742E3CAC74BD} - System32\Tasks</p><p></p><p>\Adobe Flash Player Updater => C:</p><p></p><p>\Windows\SysWOW64\Macromed</p><p></p><p>\Flash\FlashPlayerUpdateService.exe</p><p></p><p>[2015-04-15] (Adobe Systems</p><p></p><p>Incorporated)</p><p>Task: {8D9E64D7-9597-4BFE-BFFB-</p><p></p><p>66505B2C918F} - System32\Tasks\HP</p><p></p><p>Photo Creations Communicator =></p><p></p><p>C:\ProgramData\HP Photo Creations</p><p></p><p>\Communicator.exe [2014-12-31] ()</p><p>Task: {917BB944-4725-4B52-A174-</p><p></p><p>A2ABC541FCF6} - System32\Tasks</p><p></p><p>\GoogleUpdateTaskMachineCore =></p><p></p><p>C:\Program Files (x86)\Google</p><p></p><p>\Update\GoogleUpdate.exe [2014-10</p><p></p><p>-18] (Google Inc.)</p><p>Task: {922ECA91-B0D0-4F5E-9E67-</p><p></p><p>09CAA18910A8} - System32\Tasks</p><p></p><p>\{95EEF560-9095-4226-A149-</p><p></p><p>6BC6A070B950} => C:\Program Files</p><p></p><p>(x86)\iWin Games\iWinGames.exe</p><p>Task: {92F47BF9-5F86-45CD-8F3F-</p><p></p><p>64C84078CC81} - System32\Tasks</p><p></p><p>\Microsoft\Windows\Setup\gwx</p><p></p><p>\refreshgwxconfig => C:\Windows</p><p></p><p>\system32\GWX</p><p></p><p>\GWXConfigManager.exe [2015-05-</p><p></p><p>07] (Microsoft Corporation)</p><p>Task: {98B4F376-E5F1-4AB0-91B1-</p><p></p><p>0ABE576B94B1} - System32\Tasks</p><p></p><p>\Google Update => C:\Users</p><p></p><p>\Sinnfamily\AppData\Local\Google</p><p></p><p>\Update\GoogleUpdate.exe [2014-10</p><p></p><p>-22] (Google Inc.)</p><p>Task: {9C41A200-A3BC-4255-A88B-</p><p></p><p>9B094C22A07A} - System32\Tasks</p><p></p><p>\Adobe Reader and Acrobat Manager</p><p></p><p>=> C:\Program Files (x86)\Common</p><p></p><p>Files\Adobe\ARM\1.0\AdobeARM.exe</p><p></p><p>[2014-11-20] (Adobe Systems</p><p></p><p>Incorporated)</p><p>Task: {9EB87832-63D6-47B0-AA08-</p><p></p><p>D15DEE543D72} - System32\Tasks</p><p></p><p>\RealUpgradeLogonTaskS-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001 => C:\Program Files</p><p></p><p>(x86)\Real\RealUpgrade</p><p></p><p>\RealUpgrade.exe</p><p>Task: {A44BA7CF-38BA-4AD1-B970-</p><p></p><p>82B6530D3FC7} - System32\Tasks</p><p></p><p>\Hewlett-Packard\HP Support</p><p></p><p>Assistant</p><p></p><p>\WarrantyChecker_CN47T1507X =></p><p></p><p>C:\Program Files (x86)\Hewlett-</p><p></p><p>Packard\HP Support Framework</p><p></p><p>\Resources\HPWarrantyCheck</p><p></p><p>\HPWarrantyChecker.exe [2015-04-</p><p></p><p>14] (Hewlett-Packard)</p><p>Task: {B3D5A209-57D7-42F6-B758-</p><p></p><p>196D312C9C98} - System32\Tasks</p><p></p><p>\Microsoft_Hardware_Launch_rundll3</p><p></p><p>2_exe => Rundll32.exe</p><p></p><p>url.dll,OpenURL</p><p></p><p><a href="http://go.microsoft.com/fwlink/?" target="_blank">http://go.microsoft.com/fwlink/?</a></p><p></p><p>LinkId=116866</p><p>Task: {C0096E98-F13A-47F0-8A91-</p><p></p><p>66B0763601AF} - System32\Tasks</p><p></p><p>\HPCeeScheduleForSinnfamily => C:</p><p></p><p>\Program Files (x86)\Hewlett-Packard</p><p></p><p>\HP Ceement\HPCEE.exe [2011-07-</p><p></p><p>15] (Hewlett-Packard)</p><p>Task: {C8FF2829-6472-46F5-9C86-</p><p></p><p>D0D000FA13BC} - System32\Tasks</p><p></p><p>\Hewlett-Packard\HP Support</p><p></p><p>Assistant\PC Health Analysis => C:</p><p></p><p>\Program Files (x86)\Hewlett-Packard</p><p></p><p>\HP Support Framework\HPSF.exe</p><p></p><p>[2013-11-04] (Hewlett-Packard</p><p></p><p>Company)</p><p>Task: {D273146D-2A8C-4339-9A6C-</p><p></p><p>9BBB18BDE05C} - System32\Tasks</p><p></p><p>\RunAsStdUser Task => C:\Program</p><p></p><p>Files (x86)\iWin Games</p><p></p><p>\iWinGames.exe</p><p>Task: {D5082955-084C-42C7-A1B3-</p><p></p><p>92418DAF3313} - System32\Tasks</p><p></p><p>\Hewlett-Packard\HP Support</p><p></p><p>Assistant\PC Tuneup => C:\Program</p><p></p><p>Files (x86)\Hewlett-Packard\HP</p><p></p><p>Support Framework\HPSF.exe [2013-</p><p></p><p>11-04] (Hewlett-Packard Company)</p><p>Task: {DB23E848-922E-43C5-B7F1-</p><p></p><p>B5FA7DADE589} -</p><p></p><p>\ProgramUpdateCheck No Task File</p><p></p><p><==== ATTENTION</p><p>Task: {DCA7AA00-2695-42E5-8448-</p><p></p><p>76A39D4A6B9E} - System32\Tasks</p><p></p><p>\CLMLSvc => c:\Program Files</p><p></p><p>(x86)\Hewlett-Packard\TouchSmart</p><p></p><p>\Media\Kernel\CLML\CLMLSvc.exe</p><p></p><p>[2009-12-01] (CyberLink)</p><p>Task: {E853C7A8-D1A1-4AF6-A451-</p><p></p><p>747EB0D00AC1} - System32\Tasks</p><p></p><p>\GoogleUpdateTaskUserS-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001UA => C:\Users\Sinnfamily</p><p></p><p>\AppData\Local\Google\Update</p><p></p><p>\GoogleUpdate.exe [2014-10-22]</p><p></p><p>(Google Inc.)</p><p>Task: {EBD141B3-63E0-4A72-8E9C-</p><p></p><p>DF3AB841FB16} - System32\Tasks</p><p></p><p>\{47742B60-D7A2-424D-8371-</p><p></p><p>21724FCD2E7C} => C:\Program Files</p><p></p><p>(x86)\Skype\\Phone\Skype.exe</p><p>Task: {EDBB4BBF-2315-401E-BD70-</p><p></p><p>20E9ACAB5586} - System32\Tasks</p><p></p><p>\Java Update Scheduler => C:</p><p></p><p>\Program Files (x86)\Common Files</p><p></p><p>\Java\Java Update\jusched.exe [2015</p><p></p><p>-04-10] (Oracle Corporation)</p><p>Task: {F8D7255A-057C-4D5B-B371-</p><p></p><p>5DEDDE35203D} - System32\Tasks</p><p></p><p>\Hewlett-Packard\HP Support</p><p></p><p>Assistant\Update Check => C:</p><p></p><p>\ProgramData\Hewlett-Packard\HP</p><p></p><p>Support Framework\Resources</p><p></p><p>\Updater7\HPSFUpdater.exe [2014-</p><p></p><p>05-12] (Hewlett-Packard Company)</p><p>Task: {FA4F0B45-642B-4CEA-BAD2-</p><p></p><p>2808F9D8A5D9} - System32\Tasks\HP</p><p></p><p>online update program => c:</p><p></p><p>\Program Files (x86)\HP\HP Software</p><p></p><p>Update\HPWuSchd2.exe [2013-05-30]</p><p></p><p>(Hewlett-Packard)</p><p>Task: {FD855F12-7FA9-431D-8FD0-</p><p></p><p>621F646AB67E} - System32\Tasks</p><p></p><p>\HPCustParticipation HP ENVY 4500</p><p></p><p>series => C:\Program Files\HP\HP</p><p></p><p>ENVY 4500 series\Bin</p><p></p><p>\HPCustPartic.exe [2014-03-06]</p><p></p><p>(Hewlett-Packard Co.)</p><p>Task: {FDB407C0-6848-489E-9081-</p><p></p><p>B52D1DB72EC6} - System32\Tasks</p><p></p><p>\ROC_REG_JAN_DELETE => C:</p><p></p><p>\ProgramData\AVG January 2013</p><p></p><p>Campaign\ROC.exe [2013-01-17] ()</p><p>Task: C:\Windows\Tasks\Adobe Flash</p><p></p><p>Player Updater.job => C:\Windows</p><p></p><p>\SysWOW64\Macromed\Flash</p><p></p><p>\FlashPlayerUpdateService.exe</p><p>Task: C:\Windows\Tasks</p><p></p><p>\FreeFileViewerUpdateChecker.job</p><p></p><p>=> C:\Program Files</p><p></p><p>(x86)\FreeFileViewer</p><p></p><p>\FFVCheckForUpdates.exe <====</p><p></p><p>ATTENTION</p><p>Task: C:\Windows\Tasks</p><p></p><p>\GoogleUpdateTaskMachineCore.job</p><p></p><p>=> C:\Program Files (x86)\Google</p><p></p><p>\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks</p><p></p><p>\GoogleUpdateTaskMachineUA.job</p><p></p><p>=> C:\Program Files (x86)\Google</p><p></p><p>\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks</p><p></p><p>\GoogleUpdateTaskUserS-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001Core.job => C:\Users</p><p></p><p>\Sinnfamily\AppData\Local\Google</p><p></p><p>\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks</p><p></p><p>\GoogleUpdateTaskUserS-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001UA.job => C:\Users\Sinnfamily</p><p></p><p>\AppData\Local\Google\Update</p><p></p><p>\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\HP Photo</p><p></p><p>Creations Communicator.job => C:</p><p></p><p>\ProgramData\HP Photo Creations</p><p></p><p>\Communicator.exe</p><p>Task: C:\Windows\Tasks</p><p></p><p>\HPCeeScheduleForSinnfamily.job =></p><p></p><p>C:\Program Files (x86)\Hewlett-</p><p></p><p>Packard\HP Ceement\HPCEE.exe</p><p>Task: C:\Windows\Tasks</p><p></p><p>\PCDRScheduledMaintenance.job =></p><p></p><p>C:\Program Files\PC-Doctor for</p><p></p><p>Windows\pcdr5cuiw32.exe5-fh</p><p></p><p>scripts\monthly.xml</p><p>Task: C:\Windows\Tasks</p><p></p><p>\ROC_REG_JAN_DELETE.job => C:</p><p></p><p>\ProgramData\AVG January 2013</p><p></p><p>Campaign\ROC.exe</p><p></p><p>====================</p><p></p><p>Loaded Modules (Whitelisted)</p><p></p><p>==============</p><p></p><p>2013-08-14 15:19 - 2013-08-14 15:19</p><p></p><p>- 00039056 _____ () C:\Program Files</p><p></p><p>(x86)\RealNetworks\RealDownloader</p><p></p><p>\rndlresolversvc.exe</p><p>2015-05-20 18:26 - 2015-05-20 18:26</p><p></p><p>- 00104400 _____ () C:\Program Files</p><p></p><p>\AVAST Software\Avast\log.dll</p><p>2015-05-20 18:26 - 2015-05-20 18:26</p><p></p><p>- 00081728 _____ () C:\Program Files</p><p></p><p>\AVAST Software\Avast</p><p></p><p>\JsonRpcServer.dll</p><p>2015-05-22 15:35 - 2015-05-22 15:35</p><p></p><p>- 02931200 _____ () C:\Program Files</p><p></p><p>\AVAST Software\Avast\defs</p><p></p><p>\15052201\algo.dll</p><p>2015-05-20 18:26 - 2015-05-20 18:26</p><p></p><p>- 40540672 _____ () C:\Program Files</p><p></p><p>\AVAST Software\Avast\libcef.dll</p><p></p><p>====================</p><p></p><p>Alternate Data Streams (Whitelisted)</p><p></p><p>=========</p><p></p><p>(If an entry is included in the fixlist,</p><p></p><p>only the ADS will be removed.)</p><p></p><p>AlternateDataStreams: C:</p><p></p><p>\ProgramData\Temp:0B4227B4</p><p>AlternateDataStreams: C:</p><p></p><p>\ProgramData\Temp:373E1720</p><p>AlternateDataStreams: C:</p><p></p><p>\ProgramData\Temp:4A74A9A7</p><p>AlternateDataStreams: C:</p><p></p><p>\ProgramData\Temp:6611AB82</p><p>AlternateDataStreams: C:</p><p></p><p>\ProgramData\Temp:972E051C</p><p></p><p>==================== Safe</p><p></p><p>Mode (Whitelisted)</p><p></p><p>===================</p><p></p><p>(If an item is included in the fixlist, it</p><p></p><p>will be removed from the registry. The</p><p></p><p>"AlternateShell" will be restored.)</p><p></p><p></p><p>==================== EXE</p><p></p><p>Association (Whitelisted)</p><p></p><p>===============</p><p></p><p>(If an entry is included in the fixlist,</p><p></p><p>the registry item will be restored to</p><p></p><p>default or removed.)</p><p></p><p></p><p>====================</p><p></p><p>Internet Explorer trusted/restricted</p><p></p><p>===============</p><p></p><p>(If an entry is included in the fixlist, it</p><p></p><p>will be removed from the registry.)</p><p></p><p>IE trusted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\skillsoft.com -></p><p></p><p>hxxp://support.skillsoft.com</p><p>IE trusted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\usaa.com -></p><p></p><p>hxxps://<a href="http://www.usaa.com" target="_blank">www.usaa.com</a></p><p></p><p>IE restricted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\007guard.com -></p><p></p><p>install.007guard.com</p><p>IE restricted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\008i.com -> 008i.com</p><p>IE restricted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\008k.com -> <a href="http://www.008k.com" target="_blank">www.008k.com</a></p><p>IE restricted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\00hq.com -> <a href="http://www.00hq.com" target="_blank">www.00hq.com</a></p><p>IE restricted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\010402.com -> 010402.com</p><p>IE restricted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\032439.com -></p><p></p><p>80gw6ry3i3x3qbrkwhxhw.032439.com</p><p>IE restricted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\0scan.com -></p><p></p><p><a href="http://www.0scan.com" target="_blank">www.0scan.com</a></p><p>IE restricted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\1-2005-search.com -></p><p></p><p><a href="http://www.1-2005-search.com" target="_blank">www.1-2005-search.com</a></p><p>IE restricted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\1-domains-registrations.com</p><p></p><p>-> <a href="http://www.1-domains-registrations.com" target="_blank">www.1-domains-registrations.com</a></p><p>IE restricted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\1000gratisproben.com -></p><p></p><p><a href="http://www.1000gratisproben.com" target="_blank">www.1000gratisproben.com</a></p><p>IE restricted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\1001namen.com -></p><p></p><p><a href="http://www.1001namen.com" target="_blank">www.1001namen.com</a></p><p>IE restricted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\100888290cs.com -></p><p></p><p>mir.100888290cs.com</p><p>IE restricted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\100sexlinks.com -></p><p></p><p><a href="http://www.100sexlinks.com" target="_blank">www.100sexlinks.com</a></p><p>IE restricted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\10sek.com -></p><p></p><p><a href="http://www.10sek.com" target="_blank">www.10sek.com</a></p><p>IE restricted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\12-26.net -> user1.12-26.net</p><p>IE restricted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\12-27.net -> user1.12-27.net</p><p>IE restricted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\123fporn.info -></p><p></p><p><a href="http://www.123fporn.info" target="_blank">www.123fporn.info</a></p><p>IE restricted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\123haustiereundmehr.com</p><p></p><p>-> <a href="http://www.123haustiereundmehr.com" target="_blank">www.123haustiereundmehr.com</a></p><p>IE restricted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\123moviedownload.com -></p><p></p><p><a href="http://www.123moviedownload.com" target="_blank">www.123moviedownload.com</a></p><p>IE restricted site: HKU\S-1-5-21-</p><p></p><p>2643768202-156854014-2583388340</p><p></p><p>-1001\...\123simsen.com -></p><p></p><p><a href="http://www.123simsen.com" target="_blank">www.123simsen.com</a></p><p></p><p>There are 7369 more restricted sites.</p><p></p><p>====================</p><p></p><p>Other Areas</p><p></p><p>=======================</p><p></p><p>=====</p><p></p><p>(Currently there is no automatic fix for</p><p></p><p>this section.)</p><p></p><p>HKU\S-1-5-21-2643768202-</p><p></p><p>156854014-2583388340-1001\Control</p><p></p><p>Panel\Desktop\\Wallpaper -> C:</p><p></p><p>\Users\Sinnfamily\AppData\Roaming</p><p></p><p>\Microsoft\Windows\Themes</p><p></p><p>\TranscodedWallpaper.jpg</p><p>DNS Servers: 173.225.144.10 -</p><p></p><p>173.225.144.70</p><p></p><p>====================</p><p></p><p>MSCONFIG/TASK MANAGER Error</p><p></p><p>getting ==</p><p></p><p>(Currently there is no automatic fix for</p><p></p><p>this section.)</p><p></p><p>MSCONFIG\startupfolder:</p><p></p><p>C:^ProgramData^Microsoft^Windows</p><p></p><p>^Start</p><p></p><p>Menu^Programs^Startup^PictureMov</p><p></p><p>er.lnk => C:\Windows\pss</p><p></p><p>\PictureMover.lnk.CommonStartup</p><p>MSCONFIG\startupfolder:</p><p></p><p>C:^Users^Sinnfamily^AppData^Roa</p><p></p><p>ming^Microsoft^Windows^Start</p><p></p><p>Menu^Programs^Startup^Monitor</p><p></p><p>Ink Alerts - HP ENVY 4500 series.lnk</p><p></p><p>=> C:\Windows\pss\Monitor Ink</p><p></p><p>Alerts - HP ENVY 4500</p><p></p><p>series.lnk.Startup</p><p>MSCONFIG\startupfolder:</p><p></p><p>C:^Users^Sinnfamily^AppData^Roa</p><p></p><p>ming^Microsoft^Windows^Start</p><p></p><p>Menu^Programs^Startup^OpenOffic</p><p></p><p>e.org 3.3.lnk => C:\Windows\pss</p><p></p><p>\OpenOffice.org 3.3.lnk.Startup</p><p>MSCONFIG\startupreg: APSDaemon</p><p></p><p>=> "C:\Program Files (x86)\Common</p><p></p><p>Files\Apple\Apple Application Support</p><p></p><p>\APSDaemon.exe"</p><p>MSCONFIG\startupreg:</p><p></p><p>ChristmasHolidayLaughs Search</p><p></p><p>Scope Monitor => "C:</p><p></p><p>\PROGRA~2\CHRIST~2\bar\1.bin</p><p></p><p>\4msrchmn.exe" /m=2 /w /h</p><p>MSCONFIG\startupreg: Family Tree</p><p></p><p>Builder Update => C:\Program Files</p><p></p><p>(x86)\MyHeritage\Bin</p><p></p><p>\FTBCheckUpdates.exe</p><p>MSCONFIG\startupreg: Google</p><p></p><p>Update => "C:\Users\Sinnfamily</p><p></p><p>\AppData\Local\Google\Update</p><p></p><p>\GoogleUpdate.exe" /c</p><p>MSCONFIG\startupreg: HP Remote</p><p></p><p>Solution => %ProgramFiles%</p><p></p><p>\Hewlett-Packard\HP Remote</p><p></p><p>Solution\HP_Remote_Solution.exe</p><p>MSCONFIG\startupreg: HPADVISOR</p><p></p><p>=> C:\Program Files (x86)\Hewlett-</p><p></p><p>Packard\HP Advisor\HPAdvisor.exe</p><p></p><p>view=DOCKVIEW</p><p>MSCONFIG\startupreg: hpsysdrv =></p><p></p><p>c:\program files (x86)\hewlett-</p><p></p><p>packard\HP odometer\hpsysdrv.exe</p><p>MSCONFIG\startupreg: IntelliPoint =></p><p></p><p>"c:\Program Files\Microsoft</p><p></p><p>IntelliPoint\ipoint.exe"</p><p>MSCONFIG\startupreg: NvCplDaemon</p><p></p><p>=> RUNDLL32.EXE C:\Windows</p><p></p><p>\system32\NvCpl.dll,NvStartup</p><p>MSCONFIG\startupreg: SmartMenu</p><p></p><p>=> C:\Program Files\Hewlett-</p><p></p><p>Packard\HP MediaSmart</p><p></p><p>\SmartMenu.exe /background</p><p>MSCONFIG\startupreg: SpybotSD</p><p></p><p>TeaTimer => C:\Program Files</p><p></p><p>(x86)\Spybot - Search & Destroy</p><p></p><p>\TeaTimer.exe</p><p>MSCONFIG\startupreg:</p><p></p><p>UpdatePRCShortCut => "C:\Program</p><p></p><p>Files (x86)\Hewlett-Packard\Recovery</p><p></p><p>\MUITransfer\MUIStartMenu.exe" "C:</p><p></p><p>\Program Files (x86)\Hewlett-Packard</p><p></p><p>\Recovery" UpdateWithCreateOnce</p><p></p><p>"Software\CyberLink\PowerRecover"</p><p></p><p>====================</p><p></p><p>FirewallRules (Whitelisted)</p><p></p><p>===============</p><p></p><p>(If an entry is included in the fixlist, it</p><p></p><p>will be removed from the registry. The</p><p></p><p>file will not be moved unless listed</p><p></p><p>separately.)</p><p></p><p>FirewallRules: [{862AFB70-51E0-</p><p></p><p>4527-A271-8089B56E8C4F}] =></p><p></p><p>(Allow) c:\Program Files</p><p></p><p>(x86)\CyberLink\PowerDirector</p><p></p><p>\PDR.EXE</p><p>FirewallRules: [{C18F71C2-F36F-</p><p></p><p>4625-AB27-90EEB8D1E479}] =></p><p></p><p>(Allow) C:\Program Files</p><p></p><p>(x86)\Hewlett-Packard\TouchSmart</p><p></p><p>\Media\HPTouchSmartMusic.exe</p><p>FirewallRules: [{385AA1C8-3FA9-</p><p></p><p>4B3B-BD9E-7367B718C947}] =></p><p></p><p>(Allow) C:\Program Files</p><p></p><p>(x86)\Hewlett-Packard\TouchSmart</p><p></p><p>\Media\HPTouchSmartPhoto.exe</p><p>FirewallRules: [{AF8F13B3-F77D-</p><p></p><p>4B1A-A975-B0E42F3F829E}] =></p><p></p><p>(Allow) C:\Program Files</p><p></p><p>(x86)\Hewlett-Packard\TouchSmart</p><p></p><p>\Media\HPTouchSmartVideo.exe</p><p>FirewallRules: [{92E9E16B-95EC-</p><p></p><p>46F4-B8B4-D8B4C5855C30}] =></p><p></p><p>(Allow) C:\Program Files</p><p></p><p>(x86)\Hewlett-Packard\TouchSmart</p><p></p><p>\Media\TSMAgent.exe</p><p>FirewallRules: [{FC56BC42-4EC5-</p><p></p><p>45EA-AC62-97E5A14B0D6F}] =></p><p></p><p>(Allow) C:\Program Files</p><p></p><p>(x86)\Hewlett-Packard\TouchSmart</p><p></p><p>\Media\Kernel\CLML\CLMLSvc.exe</p><p>FirewallRules: [{05E9270A-E3F2-</p><p></p><p>4A90-9AF9-0531E88870E4}] =></p><p></p><p>(Allow) c:\Program Files</p><p></p><p>(x86)\Hewlett-Packard\TouchSmart</p><p></p><p>\Media\HPTouchSmartMusic.exe</p><p>FirewallRules: [{AC5E908D-A55B-</p><p></p><p>4F73-B15C-CFB0F6EBD26D}] =></p><p></p><p>(Allow) c:\Program Files</p><p></p><p>(x86)\Hewlett-Packard\TouchSmart</p><p></p><p>\Media\HPTouchSmartPhoto.exe</p><p>FirewallRules: [{FA0AE581-0A66-</p><p></p><p>43A8-8CB7-EE5700994EE7}] =></p><p></p><p>(Allow) c:\Program Files</p><p></p><p>(x86)\Hewlett-Packard\TouchSmart</p><p></p><p>\Media\HPTouchSmartVideo.exe</p><p>FirewallRules: [{2CC2996A-B44E-</p><p></p><p>4A2D-AE0C-D3C753CC0F22}] =></p><p></p><p>(Allow) c:\Program Files</p><p></p><p>(x86)\Hewlett-Packard\TouchSmart</p><p></p><p>\Media\TSMAgent.exe</p><p>FirewallRules: [{ED0C4EDA-F45E-</p><p></p><p>4296-93BB-4D28D09994E2}] =></p><p></p><p>(Allow) c:\Program Files</p><p></p><p>(x86)\Hewlett-Packard\TouchSmart</p><p></p><p>\Media\Kernel\CLML\CLMLSvc.exe</p><p>FirewallRules: [{2E4E8EDE-C9CE-</p><p></p><p>4343-8260-A16DE0E95A03}] =></p><p></p><p>(Allow) c:\Program Files</p><p></p><p>(x86)\Hewlett-Packard\Media\DVD</p><p></p><p>\HPDVDSmart.exe</p><p>FirewallRules: [{764617C5-1D03-</p><p></p><p>4EEB-BB6D-7672F4F38A7B}] =></p><p></p><p>(Allow) C:\Program Files</p><p></p><p>(x86)\Common Files\Apple\Apple</p><p></p><p>Application Support</p><p></p><p>\WebKit2WebProcess.exe</p><p>FirewallRules: [TCP Query User</p><p></p><p>{994A22F0-68B9-4379-B5E1-</p><p></p><p>15A52E7F438D}C:\program files</p><p></p><p>(x86)\internet explorer\iexplore.exe]</p><p></p><p>=> (Block) C:\program files</p><p></p><p>(x86)\internet explorer\iexplore.exe</p><p>FirewallRules: [UDP Query User</p><p></p><p>{6B53A456-3420-4983-B732-</p><p></p><p>CAD108778133}C:\program files</p><p></p><p>(x86)\internet explorer\iexplore.exe]</p><p></p><p>=> (Block) C:\program files</p><p></p><p>(x86)\internet explorer\iexplore.exe</p><p>FirewallRules: [{43230E3A-F961-</p><p></p><p>4F8F-8602-AB42EFBEDA78}] =></p><p></p><p>(Allow) C:\Program Files</p><p></p><p>(x86)\Hewlett-Packard\HP Support</p><p></p><p>Framework\Resources</p><p></p><p>\HPWarrantyCheck</p><p></p><p>\HPWarrantyChecker.exe</p><p>FirewallRules: [TCP Query User</p><p></p><p>{2AEFA044-16C5-4238-B681-</p><p></p><p>8418467C5584}C:\program files</p><p></p><p>(x86)\hp\common</p><p></p><p>\hpdevicedetection3.exe] => (Allow)</p><p></p><p>C:\program files (x86)\hp\common</p><p></p><p>\hpdevicedetection3.exe</p><p>FirewallRules: [UDP Query User</p><p></p><p>{091005CC-A496-4F92-9DA6-</p><p></p><p>417FD38247FB}C:\program files</p><p></p><p>(x86)\hp\common</p><p></p><p>\hpdevicedetection3.exe] => (Allow)</p><p></p><p>C:\program files (x86)\hp\common</p><p></p><p>\hpdevicedetection3.exe</p><p>FirewallRules: [{8B135CC0-C6E0-</p><p></p><p>4069-B143-AD1F8F02841E}] =></p><p></p><p>(Allow) C:\Program Files</p><p></p><p>(x86)\FreeFileViewer</p><p></p><p>\FFVCheckForUpdates.exe</p><p>FirewallRules: [{A4B859C2-5460-</p><p></p><p>4CB6-928D-57A5938BE20C}] =></p><p></p><p>(Allow) C:\Program Files\HP\HP ENVY</p><p></p><p>4500 series\Bin\DeviceSetup.exe</p><p>FirewallRules: [{1DF73D99-F679-</p><p></p><p>4C80-93F8-B2A2ED120C2E}] =></p><p></p><p>(Allow) LPort=5357</p><p>FirewallRules: [{C6EFD0B0-9F11-</p><p></p><p>4CDB-8D30-004DB350980F}] =></p><p></p><p>(Allow) C:\Program Files\HP\HP ENVY</p><p></p><p>4500 series\Bin</p><p></p><p>\HPNetworkCommunicatorCom.exe</p><p>FirewallRules: [TCP Query User</p><p></p><p>{127708EF-BEB7-418B-B25C-</p><p></p><p>B54170BF40A1}C:\program files</p><p></p><p>(x86)\mozilla firefox\firefox.exe] =></p><p></p><p>(Allow) C:\program files (x86)\mozilla</p><p></p><p>firefox\firefox.exe</p><p>FirewallRules: [UDP Query User</p><p></p><p>{C9FF2BD2-15F0-499F-9022-</p><p></p><p>0D9509EBF9D3}C:\program files</p><p></p><p>(x86)\mozilla firefox\firefox.exe] =></p><p></p><p>(Allow) C:\program files (x86)\mozilla</p><p></p><p>firefox\firefox.exe</p><p>FirewallRules: [{D3397118-8472-</p><p></p><p>4381-AC23-FF7ED3BD3CF1}] =></p><p></p><p>(Block) C:\program files (x86)\mozilla</p><p></p><p>firefox\firefox.exe</p><p>FirewallRules: [{82CEA311-9153-</p><p></p><p>4A12-ADE0-5A2ED5A52AA3}] =></p><p></p><p>(Block) C:\program files (x86)\mozilla</p><p></p><p>firefox\firefox.exe</p><p>FirewallRules: [{21183FC2-B84E-</p><p></p><p>4444-8F8D-D71894E4F72E}] =></p><p></p><p>(Allow) C:\Program Files (x86)\Mozilla</p><p></p><p>Firefox\firefox.exe</p><p>FirewallRules: [{8C049D7F-3109-</p><p></p><p>4691-935E-FDD25D6565CA}] =></p><p></p><p>(Allow) C:\Program Files (x86)\Mozilla</p><p></p><p>Firefox\firefox.exe</p><p>FirewallRules: [{21BFE7F7-E7BC-</p><p></p><p>4CB6-89E4-12D8FBB42846}] =></p><p></p><p>(Allow) C:\Program Files (x86)\AVG</p><p></p><p>\AVG2015\avgnsa.exe</p><p>FirewallRules: [{55C6E141-EDA0-</p><p></p><p>408D-8D7C-8C9686C535DB}] =></p><p></p><p>(Allow) C:\Program Files (x86)\AVG</p><p></p><p>\AVG2015\avgnsa.exe</p><p>FirewallRules: [{D023B66A-0EC2-</p><p></p><p>406D-8FB7-32166B367688}] =></p><p></p><p>(Allow) C:\Program Files (x86)\AVG</p><p></p><p>\AVG2015\avgdiagex.exe</p><p>FirewallRules: [{B38C3E4D-7DA4-</p><p></p><p>45F6-AA03-5F270DF6F79E}] =></p><p></p><p>(Allow) C:\Program Files (x86)\AVG</p><p></p><p>\AVG2015\avgdiagex.exe</p><p>FirewallRules: [{C37D1B0D-989A-</p><p></p><p>4AB2-9D1D-B0F80D5A75B1}] =></p><p></p><p>(Allow) C:\Program Files (x86)\AVG</p><p></p><p>\AVG2015\avgmfapx.exe</p><p>FirewallRules: [{D8FF93A6-3DE4-</p><p></p><p>40BC-947B-44A6A7A1CEE0}] =></p><p></p><p>(Allow) C:\Program Files (x86)\AVG</p><p></p><p>\AVG2015\avgmfapx.exe</p><p>FirewallRules: [{31143E86-0CAB-</p><p></p><p>45BF-8A62-B10592C8D831}] =></p><p></p><p>(Allow) C:\Program Files (x86)\AVG</p><p></p><p>\AVG2015\avgemca.exe</p><p>FirewallRules: [{FA2DB4C0-236C-</p><p></p><p>410E-8DB5-B7A4F3C1F6FA}] =></p><p></p><p>(Allow) C:\Program Files (x86)\AVG</p><p></p><p>\AVG2015\avgemca.exe</p><p>FirewallRules: [{7133564D-8800-</p><p></p><p>4463-9B55-7C6DF7E54531}] =></p><p></p><p>(Allow) C:\Program Files</p><p></p><p>(x86)\Hewlett-Packard\HP Support</p><p></p><p>Framework\Resources</p><p></p><p>\HPWarrantyCheck</p><p></p><p>\HPDeviceDetection3.exe</p><p></p><p>====================</p><p></p><p>Faulty Device Manager Devices</p><p></p><p>=============</p><p></p><p>Name: qknfd</p><p>Description: qknfd</p><p>Class Guid: {8ECC055D-047F-11D1-</p><p></p><p>A537-0000F8753ED1}</p><p>Manufacturer:</p><p>Service: qknfd</p><p>Problem: : This device is not present,</p><p></p><p>is not working properly, or does not</p><p></p><p>have all its drivers installed. (Code 24)</p><p>Resolution: The device is installed</p><p></p><p>incorrectly. The problem could be a</p><p></p><p>hardware failure, or a new driver</p><p></p><p>might be needed.</p><p>Devices stay in this state if they have</p><p></p><p>been prepared for removal.</p><p>After you remove the device, this</p><p></p><p>error disappears.Remove the device,</p><p></p><p>and this error should be resolved.</p><p></p><p></p><p>====================</p><p></p><p>Event log errors:</p><p></p><p>=======================</p><p></p><p>==</p><p></p><p>Application errors:</p><p>==================</p><p>Error: (05/22/2015 04:14:21 PM)</p><p></p><p>(Source: SDWinSec.exe) (EventID: 0)</p><p></p><p>(User: )</p><p>Description: Class not registered</p><p></p><p>Error: (05/22/2015 04:13:21 PM)</p><p></p><p>(Source: SDWinSec.exe) (EventID: 0)</p><p></p><p>(User: )</p><p>Description: Class not registered</p><p></p><p>Error: (05/22/2015 04:12:21 PM)</p><p></p><p>(Source: SDWinSec.exe) (EventID: 0)</p><p></p><p>(User: )</p><p>Description: Class not registered</p><p></p><p>Error: (05/22/2015 04:11:21 PM)</p><p></p><p>(Source: SDWinSec.exe) (EventID: 0)</p><p></p><p>(User: )</p><p>Description: Class not registered</p><p></p><p>Error: (05/22/2015 04:10:22 PM)</p><p></p><p>(Source: SDWinSec.exe) (EventID: 0)</p><p></p><p>(User: )</p><p>Description: Class not registered</p><p></p><p>Error: (05/22/2015 04:10:10 PM)</p><p></p><p>(Source: Microsoft-Windows-User</p><p></p><p>Profiles Service) (EventID: 1542)</p><p></p><p>(User: NT AUTHORITY)</p><p>Description: Windows cannot load</p><p></p><p>classes registry file.</p><p> DETAIL - Unspecified error</p><p></p><p>Error: (05/22/2015 04:07:43 PM)</p><p></p><p>(Source: SDWinSec.exe) (EventID: 0)</p><p></p><p>(User: )</p><p>Description: Class not registered</p><p></p><p>Error: (05/22/2015 04:06:43 PM)</p><p></p><p>(Source: SDWinSec.exe) (EventID: 0)</p><p></p><p>(User: )</p><p>Description: Class not registered</p><p></p><p>Error: (05/22/2015 04:05:43 PM)</p><p></p><p>(Source: SDWinSec.exe) (EventID: 0)</p><p></p><p>(User: )</p><p>Description: Class not registered</p><p></p><p>Error: (05/22/2015 04:04:43 PM)</p><p></p><p>(Source: SDWinSec.exe) (EventID: 0)</p><p></p><p>(User: )</p><p>Description: Class not registered</p><p></p><p></p><p>System errors:</p><p>=============</p><p>Error: (05/22/2015 04:09:22 PM)</p><p></p><p>(Source: Service Control Manager)</p><p></p><p>(EventID: 7026) (User: )</p><p>Description: The following boot-start</p><p></p><p>or system-start driver(s) failed to</p><p></p><p>load:</p><p>qknfd</p><p></p><p>Error: (05/22/2015 04:09:20 PM)</p><p></p><p>(Source: Service Control Manager)</p><p></p><p>(EventID: 7024) (User: )</p><p>Description: The AVGIDSAgent service</p><p></p><p>terminated with service-specific error</p><p></p><p>%%-536753637.</p><p></p><p>Error: (05/22/2015 03:55:44 PM)</p><p></p><p>(Source: Service Control Manager)</p><p></p><p>(EventID: 7026) (User: )</p><p>Description: The following boot-start</p><p></p><p>or system-start driver(s) failed to</p><p></p><p>load:</p><p>qknfd</p><p></p><p>Error: (05/22/2015 03:55:42 PM)</p><p></p><p>(Source: Service Control Manager)</p><p></p><p>(EventID: 7024) (User: )</p><p>Description: The AVGIDSAgent service</p><p></p><p>terminated with service-specific error</p><p></p><p>%%-536753637.</p><p></p><p>Error: (05/22/2015 04:36:15 AM)</p><p></p><p>(Source: Service Control Manager)</p><p></p><p>(EventID: 7026) (User: )</p><p>Description: The following boot-start</p><p></p><p>or system-start driver(s) failed to</p><p></p><p>load:</p><p>qknfd</p><p></p><p>Error: (05/22/2015 04:36:14 AM)</p><p></p><p>(Source: Service Control Manager)</p><p></p><p>(EventID: 7024) (User: )</p><p>Description: The AVGIDSAgent service</p><p></p><p>terminated with service-specific error</p><p></p><p>%%-536753637.</p><p></p><p>Error: (05/21/2015 04:38:17 PM)</p><p></p><p>(Source: Service Control Manager)</p><p></p><p>(EventID: 7011) (User: )</p><p>Description: A timeout (30000</p><p></p><p>milliseconds) was reached while</p><p></p><p>waiting for a transaction response</p><p></p><p>from the Netman service.</p><p></p><p>Error: (05/21/2015 07:49:17 AM)</p><p></p><p>(Source: Service Control Manager)</p><p></p><p>(EventID: 7011) (User: )</p><p>Description: A timeout (30000</p><p></p><p>milliseconds) was reached while</p><p></p><p>waiting for a transaction response</p><p></p><p>from the Netman service.</p><p></p><p>Error: (05/20/2015 07:38:52 PM)</p><p></p><p>(Source: Service Control Manager)</p><p></p><p>(EventID: 7026) (User: )</p><p>Description: The following boot-start</p><p></p><p>or system-start driver(s) failed to</p><p></p><p>load:</p><p>qknfd</p><p></p><p>Error: (05/20/2015 07:38:37 PM)</p><p></p><p>(Source: Service Control Manager)</p><p></p><p>(EventID: 7024) (User: )</p><p>Description: The AVGIDSAgent service</p><p></p><p>terminated with service-specific error</p><p></p><p>%%-536753637.</p><p></p><p></p><p>Microsoft Office:</p><p>=======================</p><p></p><p>==</p><p>Error: (05/22/2015 04:14:21 PM)</p><p></p><p>(Source: SDWinSec.exe) (EventID: 0)</p><p></p><p>(User: )</p><p>Description: Class not registered</p><p></p><p>Error: (05/22/2015 04:13:21 PM)</p><p></p><p>(Source: SDWinSec.exe) (EventID: 0)</p><p></p><p>(User: )</p><p>Description: Class not registered</p><p></p><p>Error: (05/22/2015 04:12:21 PM)</p><p></p><p>(Source: SDWinSec.exe) (EventID: 0)</p><p></p><p>(User: )</p><p>Description: Class not registered</p><p></p><p>Error: (05/22/2015 04:11:21 PM)</p><p></p><p>(Source: SDWinSec.exe) (EventID: 0)</p><p></p><p>(User: )</p><p>Description: Class not registered</p><p></p><p>Error: (05/22/2015 04:10:22 PM)</p><p></p><p>(Source: SDWinSec.exe) (EventID: 0)</p><p></p><p>(User: )</p><p>Description: Class not registered</p><p></p><p>Error: (05/22/2015 04:10:10 PM)</p><p></p><p>(Source: Microsoft-Windows-User</p><p></p><p>Profiles Service) (EventID: 1542)</p><p></p><p>(User: NT AUTHORITY)</p><p>Description: Unspecified error</p><p></p><p>Error: (05/22/2015 04:07:43 PM)</p><p></p><p>(Source: SDWinSec.exe) (EventID: 0)</p><p></p><p>(User: )</p><p>Description: Class not registered</p><p></p><p>Error: (05/22/2015 04:06:43 PM)</p><p></p><p>(Source: SDWinSec.exe) (EventID: 0)</p><p></p><p>(User: )</p><p>Description: Class not registered</p><p></p><p>Error: (05/22/2015 04:05:43 PM)</p><p></p><p>(Source: SDWinSec.exe) (EventID: 0)</p><p></p><p>(User: )</p><p>Description: Class not registered</p><p></p><p>Error: (05/22/2015 04:04:43 PM)</p><p></p><p>(Source: SDWinSec.exe) (EventID: 0)</p><p></p><p>(User: )</p><p>Description: Class not registered</p><p></p><p></p><p>====================</p><p></p><p>Memory info</p><p></p><p>=======================</p><p></p><p>====</p><p></p><p>Processor: AMD Athlon(tm) II X4 620</p><p></p><p>Processor</p><p>Percentage of memory in use: 22%</p><p>Total physical RAM: 7935.23 MB</p><p>Available physical RAM: 6179.55 MB</p><p>Total Pagefile: 15868.68 MB</p><p>Available Pagefile: 14012.87 MB</p><p>Total Virtual: 8192 MB</p><p>Available Virtual: 8191.84 MB</p><p></p><p>====================</p><p></p><p>Drives</p><p></p><p>=======================</p><p></p><p>=========</p><p></p><p>Drive c: (HP) (Fixed) (Total:584.07</p><p></p><p>GB) (Free:513.39 GB) NTFS</p><p>Drive d: (FACTORY_IMAGE) (Fixed)</p><p></p><p>(Total:12 GB) (Free:2.18 GB) NTFS</p><p></p><p>==>[System with boot components</p><p></p><p>(obtained from reading drive)]</p><p>Drive e: (Pictures) (CDROM)</p><p></p><p>(Total:0.69 GB) (Free:0.08 GB) UDF</p><p></p><p>==================== MBR</p><p></p><p>& Partition Table</p><p></p><p>==================</p><p></p><p>=======================</p><p></p><p>=======================</p><p></p><p>==========</p><p>Disk: 0 (Size: 596.2 GB) (Disk ID:</p><p></p><p>1549F232)</p><p>Partition 1: (Active) - (Size=100 MB) -</p><p></p><p>(Type=07 NTFS)</p><p>Partition 2: (Not Active) - (Size=584.1</p><p></p><p>GB) - (Type=07 NTFS)</p><p>Partition 4: (Not Active) - (Size=12</p><p></p><p>GB) - (Type=07 NTFS)</p><p></p><p>==================== End</p><p></p><p>of log</p><p></p><p>=======================</p><p></p><p>=====</p><p></p><p>=======================</p><p></p><p>=====</p></blockquote><p></p>
[QUOTE="LovesHounds, post: 388384, member: 36572"] Hi I deleted the files. Nothing happened when I hit the windows key+R. But I was able to manually remove them from the uninstall programs area on my computer. I manually rebooted and ran the Scan. I can not get the file to upload. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-05- 2015 Ran by Sinnfamily (administrator) on SINNFAMILY-PC on 22-05-2015 16:12:31 Running from C:\Users\Sinnfamily \Downloads Loaded Profiles: Sinnfamily (Available profiles: Sinnfamily) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [URL]http://www.geekstogo.com/forum/top[/URL] ic/335081-frst-tutorial-how-to-use- farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows \System32\nvvsvc.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast \AvastSvc.exe (NVIDIA Corporation) C:\Windows \System32\nvvsvc.exe (LSI Corporation) C:\Program Files \LSI SoftModem\agr64svc.exe (Hewlett-Packard Company) C: \Program Files (x86)\Common Files \LightScribe\LSSrvc.exe (Malwarebytes Corporation) C: \Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C: \Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe () C:\Program Files (x86)\RealNetworks\RealDownloader \rndlresolversvc.exe (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate \YahooAUService.exe (Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy \SDWinSec.exe (Malwarebytes Corporation) C: \Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast \avastui.exe (Hewlett-Packard Company) C: \Program Files (x86)\Hewlett-Packard \HP Support Framework \HPSA_Service.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [AVG_UI] => C: \Program Files (x86)\AVG \AVG2015\avgui.exe [3745232 2015- 04-15] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software \Avast\AvastUI.exe [5515496 2015- 05-20] (Avast Software s.r.o.) HKU\S-1-5-21-2643768202- 156854014-2583388340-1001\... \Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-2643768202- 156854014-2583388340-1001\... \Policies\system: [DontDisplayLogonHoursWarnings] 1 ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763- 00608CC02F24} => C:\Program Files \AVAST Software\Avast\ashShA64.dll [2015-05-20] (Avast Software s.r.o.) ShellIconOverlayIdentifiers-x32: [SharingPrivate] -> {08244EE6-92F0 -47f2-9FC9-929BAA2E7235} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) SearchScopes: HKLM -> {0633EE93- D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {1235B3BB- 2B63-4F90-BA16-37F536739926} URL = [URL]http://www.bing.com/search?q=[/URL] {searchTerms} &FORM=HPDTDF&pc=HPDTDF&src=I E-SearchBox SearchScopes: HKLM -> {BFE680F5- 69D4-4A76-A974-C15503F8F00B} URL = [URL]http://www.ask.com/web?q=[/URL] {searchterms}&l=dis&o=ushpd SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF- E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {1235B3BB-2B63-4F90-BA16- 37F536739926} URL = [URL]http://www.bing.com/search?q=[/URL] {searchTerms} &FORM=HPDTDF&pc=HPDTDF&src=I E-SearchBox SearchScopes: HKLM-x32 -> {BFE680F5-69D4-4A76-A974- C15503F8F00B} URL = [URL]http://www.ask.com/web?q=[/URL] {searchterms}&l=dis&o=ushpd BHO: AVG Safe Search -> {3CA2F312 -6F6E-4B53-A66E-4E65E497C8C0} -> No File BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D- D17F00898D06} -> C:\Program Files \AVAST Software\Avast \aswWebRepIE64.dll [2015-05-20] (Avast Software s.r.o.) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13- 99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources \HPNetworkCheck \HPNetworkCheckPluginx64.dll [2013 -08-28] (Hewlett-Packard) BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870- 4C09146192CA} -> C:\ProgramData \RealNetworks\RealDownloader \BrowserPlugins\IE \rndlbrowserrecordplugin.dll [2013- 08-14] (RealDownloader) BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E- 4E65E497C8C0} -> No File BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644- 206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy \SDHelper.dll [2009-01-26] (Safer Networking Limited) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C- B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin \ssv.dll [2015-04-27] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D- D17F00898D06} -> C:\Program Files \AVAST Software\Avast \aswWebRepIE.dll [2015-05-20] (Avast Software s.r.o.) BHO-x32: hpBHO Class -> {ABD3B5E1-B268-407B-A150- 2641DAB8D898} -> C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll [2009-06-08] (AOL Products) BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B- F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05- 16] (Skype Technologies S.A.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b- BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin \jp2ssv.dll [2015-04-27] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13- 99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources \HPNetworkCheck \HPNetworkCheckPlugin.dll [2013-08 -28] (Hewlett-Packard) Toolbar: HKLM-x32 - No Name - {1E61ED7C-7CB8-49d6-B9E9- AB4C880C8414} - No File Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6- 9F516DD69829} - No File Toolbar: HKU\S-1-5-21-2643768202- 156854014-2583388340-1001 -> No Name - {CCC7A320-B3CA-4199-B1A6 -9F516DD69829} - No File Toolbar: HKU\S-1-5-21-2643768202- 156854014-2583388340-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673 -4ED3E9456D39} - No File Toolbar: HKU\S-1-5-21-2643768202- 156854014-2583388340-1001 -> No Name - {2318C2B1-4965-11D4-9B18- 009027A5CD4F} - No File DPF: HKLM-x32 {02BCC737-B171- 4746-94C9-0D8A0B2C0089} [URL]http://office.microsoft.com/_layouts/C[/URL] lientBin/ieawsdc32.cab DPF: HKLM-x32 {02BF25D5-8C17- 4B23-BC80-D3488ABDDC6B} [URL]http://appldnld.apple.com.edgesuite[/URL]. net/content.info.apple.com/QuickTime /qtactivex/qtplugin.cab DPF: HKLM-x32 {166B1BCA-3F9C- 11CF-8075-444553540000} [URL]http://download.macromedia.com/pu[/URL] b/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {3107C2A8-9F0B- 4404-A58B-21BD85268FBC} [URL]http://www.pogo.com/cdl/launcher/Po[/URL] goWebLauncherInstaller.CAB DPF: HKLM-x32 {3D3B42C2-11BF- 4732-A304-A01384B70D68} [URL]http://picasaweb.google.com/s/v/61.1[/URL] 8/uploader2.cab DPF: HKLM-x32 {49E67060-2C0D- 415E-94C7-52A49F73B2F1} [URL]http://zone.msn.com/bingame/pppp/d[/URL] efault/PiratePoppers.1.0.0.39.cab DPF: HKLM-x32 {6218F7B5-0D3A- 48BA-AE4C-49DCFA63D400} [URL]http://www.myheritage.com/Genoogl[/URL] e/Components/ActiveX/SearchEngine Query.dll DPF: HKLM-x32 {73ECB3AA-4717- 450C-A2AB-D00DAD9EE203} [URL]http://h20614.www2.hp.com/ediags/g[/URL] md/Install/Cab/hpdetect119b.cab DPF: HKLM-x32 {7E980B9B-8AE5- 466A-B6D6-DA8CF814E78A} [URL]http://zone.msn.com/bingame/chnz/d[/URL] efault/mjolauncher.cab DPF: HKLM-x32 {8100D56A-5661- 482C-BEE8-AFECE305D968} [URL]http://upload.facebook.com/controls/[/URL] 2009.07.28_v5.5.8.1/FacebookPhotoU ploader55.cab DPF: HKLM-x32 {9AA73F41-EC64- 489E-9A73-9CD52E528BC4} [URL]http://zone.msn.com/binGame/ZAxRc[/URL] Mgr.cab DPF: HKLM-x32 {DF780F87-FF2B- 4DF8-92D0-73DB16A1543A} [URL]http://zone.msn.com/BINGAME/POPC[/URL] APLOADER_V10.CAB DPF: HKLM-x32 {E06E2E99-0AA1- 11D4-ABA6-0060082AA75C} [URL]https://petsmartcharities.webex.com/[/URL] client/T27LD/webex/ieatgpc1.cab DPF: HKLM-x32 {E2883E8F-472F- 4FB0-9522-AC9BF37916A7} [URL]http://platformdl.adobe.com/NOS/get[/URL] PlusPlus/1.6/gp.cab Handler: linkscanner - {F274614C- 63F8-47D5-A4D1-FBDDE494F8D1} - No File Handler: ms-itss - {0A9007C0-4076- 11D3-8789-0000F8105754} - No File Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298- 07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05- 16] (Skype Technologies S.A.) Tcpip\Parameters: [DhcpNameServer] 173.225.144.10 173.225.144.70 FireFox: ======== FF ProfilePath: C:\Users\Sinnfamily \AppData\Roaming\Mozilla\Firefox \Profiles\4iuichbd.default FF DefaultSearchEngine: Google FF DefaultSearchEngine.US: Google FF Homepage: [URL]https://www.facebook.com/?ref=logo[/URL] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed \Flash\NPSWF64_17_0_0_169.dll [2015-04-15] () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C: \Windows\SysWOW64\Macromed \Flash\NPSWF32_17_0_0_169.dll [2015-04-15] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C: \Windows\SysWOW64\Adobe \Director\np32dsw_1202122.dll [2013 -04-03] (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java \jre1.8.0_45\bin\dtplugin \npDeployJava1.dll [2015-04-27] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45. 2 -> C:\Program Files (x86)\Java \jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-27] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @real.com/nprndlchromebrowserrecor dext;version=1.3.3 -> C: \ProgramData\RealNetworks \RealDownloader\BrowserPlugins \MozillaPlugins \nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;ver sion=1.3.3 -> C:\ProgramData \RealNetworks\RealDownloader \BrowserPlugins\MozillaPlugins \nprndlhtml5videoshim.dll [2013-08- 14] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlpepperflashvideoshi m;version=1.3.3 -> C:\ProgramData \RealNetworks\RealDownloader \BrowserPlugins\MozillaPlugins \nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.) FF Plugin-x32: @realnetworks.com/npdlplugin;versio n=1 -> C:\ProgramData \RealNetworks\RealDownloader \BrowserPlugins\npdlplugin.dll [2013 -08-14] (RealDownloader) FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C: \ProgramData\Visan\plugins \npRLSecurePluginLayer.dll [2014-11 -05] (RocketLife, LLP) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update \1.3.27.5\npGoogleUpdate3.dll [2015 -05-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update \1.3.27.5\npGoogleUpdate3.dll [2015 -05-15] (Google Inc.) FF Plugin-x32: Adobe Reader -> C: \Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014- 12-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2643768202 -156854014-2583388340-1001: @lightspark.github.com/Lightspark;ve rsion=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git \nplightsparkplugin.dll No File FF Plugin HKU\S-1-5-21-2643768202 -156854014-2583388340-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Sinnfamily\AppData \Roaming\Mozilla\plugins \npgoogletalk.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-2643768202 -156854014-2583388340-1001: @talk.google.com/O1DPlugin -> C: \Users\Sinnfamily\AppData\Roaming \Mozilla\plugins\npo1d.dll [2015-04- 17] (Google) FF Plugin HKU\S-1-5-21-2643768202 -156854014-2583388340-1001: @tools.google.com/Google Update;version=3 -> C:\Users \Sinnfamily\AppData\Local\Google \Update \1.3.27.5\npGoogleUpdate3.dll [2015 -05-17] (Google Inc.) FF Plugin HKU\S-1-5-21-2643768202 -156854014-2583388340-1001: @tools.google.com/Google Update;version=9 -> C:\Users \Sinnfamily\AppData\Local\Google \Update \1.3.27.5\npGoogleUpdate3.dll [2015 -05-17] (Google Inc.) FF user.js: detected! => C:\Users \Sinnfamily\AppData\Roaming \Mozilla\Firefox\Profiles \4iuichbd.default\user.js [2013-08-22] FF Plugin ProgramFiles/Appdata: C: \Program Files (x86)\mozilla firefox \browser\plugins \npMozCouponPrinter.dll [2013-08-02] (Coupons, Inc.) FF Plugin ProgramFiles/Appdata: C: \Users\Sinnfamily\AppData\Roaming \mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin ProgramFiles/Appdata: C: \Users\Sinnfamily\AppData\Roaming \mozilla\plugins\npo1d.dll [2015-04- 17] (Google) FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6- 54BCB3B04BBC}] - C:\ProgramData \Norton\{0C55C096-0F1D-4F28-AAA2 -85EF591126E7}\Norton\coFFPlgn FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98- 4FC4AF8A08E2}] - C:\ProgramData \RealNetworks\RealDownloader \BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C: \ProgramData\RealNetworks \RealDownloader\BrowserPlugins \Firefox\Ext [2013-08-22] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6- 365A6E755758}] - C:\ProgramData \RealNetworks\RealDownloader \BrowserPlugins\Firefox\Ext FF HKLM-x32\...\Firefox\Extensions: [[email]wrc@avast.com[/email]] - C:\Program Files \AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software \Avast\WebRep\FF [2015-05-20] Chrome: ======= CHR Profile: C:\Users\Sinnfamily \AppData\Local\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Users \Sinnfamily\AppData\Local\Google \Chrome\User Data\Default \Extensions \blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-04] CHR Extension: (No Name) - C:\Users \Sinnfamily\AppData\Local\Google \Chrome\User Data\Default \Extensions \cbgbcgglihpocekaopnclahmonoolicp [2013-08-22] CHR Extension: (Google Search) - C: \Users\Sinnfamily\AppData\Local \Google\Chrome\User Data\Default \Extensions \coobgpohoikkiipiblmjeljniedjpjpf [2013-08-04] CHR Extension: (Bookmark Manager) - C:\Users\Sinnfamily\AppData\Local \Google\Chrome\User Data\Default \Extensions \gmlllbghnfkpflemihljekbapjopfjik [2015-05-20] CHR Extension: (Avast Online Security) - C:\Users\Sinnfamily \AppData\Local\Google\Chrome\User Data\Default\Extensions \gomekmidlodglbbmalcneegieacbdmki [2015-05-20] CHR Extension: (RealDownloader) - C:\Users\Sinnfamily\AppData\Local \Google\Chrome\User Data\Default \Extensions \idhngdhcfkoamngbedgpaokgjbnpdiji [2013-08-22] CHR Extension: (Chrome Hotword Shared Module) - C:\Users \Sinnfamily\AppData\Local\Google \Chrome\User Data\Default \Extensions \lccekmodgklaepjeofjdjpbminllajkg [2015-03-19] CHR Extension: (Hangouts) - C: \Users\Sinnfamily\AppData\Local \Google\Chrome\User Data\Default \Extensions \nckgahadagoaajjgafhacjanaoiihapd [2014-08-08] CHR Extension: (Google Wallet) - C: \Users\Sinnfamily\AppData\Local \Google\Chrome\User Data\Default \Extensions \nmmhkkegccagdldgiimedpiccmgmied a [2013-08-21] CHR Extension: (Gmail) - C:\Users \Sinnfamily\AppData\Local\Google \Chrome\User Data\Default \Extensions \pjkljhegncpnkpknbcohdijeoejaedia [2013-08-04] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki ] - C:\Program Files\AVAST Software \Avast\WebRep\Chrome \aswWebRepChrome.crx [2015-05-20] CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks \RealDownloader\BrowserPlugins \Chrome\Ext\realdownloader.crx [2013-08-14] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files \AVAST Software\Avast\AvastSvc.exe [343336 2015-05-20] (Avast Software s.r.o.) S2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1517480 2015-04-15] (AVG Technologies CZ, s.r.o.) S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438032 2015-04-15] (AVG Technologies CZ, s.r.o.) S2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-04-15] (AVG Technologies CZ, s.r.o.) R2 DiagTrack; C:\Windows \system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation) R2 EFS; C:\Windows \SysWOW64\lsass.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder) R2 HP Support Assistant Service; C: \Program Files (x86)\Hewlett-Packard \HP Support Framework \hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed] S3 KeyIso; C:\Windows \SysWOW64\lsass.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder) R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe \LSSrvc.exe [73728 2009-05-18] (Hewlett-Packard Company) [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015- 04-14] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04 -14] (Malwarebytes Corporation) S3 Netlogon; C:\Windows \SysWOW64\lsass.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder) R2 nvsvc; C:\Windows \SysWOW64\nvvsvc.exe [0 2013-08- 10] () <==== ATTENTION (zero size file/folder) S3 ProtectedStorage; C:\Windows \SysWOW64\lsass.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder) R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader \rndlresolversvc.exe [39056 2013-08- 14] () R2 SamSs; C:\Windows \SysWOW64\lsass.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder) R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy \SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.) R2 Spooler; C:\Windows \SysWOW64\spoolsv.exe [0 2013-08- 10] () <==== ATTENTION (zero size file/folder) S3 VaultSvc; C:\Windows \SysWOW64\lsass.exe [0 2013-08-10] () <==== ATTENTION (zero size file/folder) S3 WinDefend; C:\Program Files \Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows \system32\drivers\aswHwid.sys [29168 2015-05-20] () R2 aswMonFlt; C:\Windows \system32\drivers\aswMonFlt.sys [89944 2015-05-20] (Avast Software s.r.o.) R1 aswRdr; C:\Windows \system32\drivers\aswRdr2.sys [93528 2015-05-20] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows \System32\Drivers\aswRvrt.sys [65736 2015-05-20] () R1 aswSnx; C:\Windows \system32\drivers\aswSnx.sys [1047320 2015-05-20] (Avast Software s.r.o.) R1 aswSP; C:\Windows \system32\drivers\aswSP.sys [442264 2015-05-20] (Avast Software s.r.o.) R2 aswStm; C:\Windows \system32\drivers\aswStm.sys [137288 2015-05-20] (Avast Software s.r.o.) R0 aswVmm; C:\Windows \System32\Drivers\aswVmm.sys [272248 2015-05-20] () R1 Avgdiska; C:\Windows \System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.) R1 Avgfwfd; C:\Windows \System32\DRIVERS\avgfwd6a.sys [67040 2015-03-20] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows \System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-09] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows \System32\DRIVERS\avgidsha.sys [213984 2015-03-11] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows \System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows \System32\DRIVERS\avgloga.sys [344544 2015-03-11] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows \System32\DRIVERS\avgmfx64.sys [137184 2015-04-03] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows \System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows \System32\DRIVERS\avgtdia.sys [291296 2015-04-07] (AVG Technologies CZ, s.r.o.) R3 MBAMProtector; C:\Windows \system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows \system32\drivers \MBAMSwissArmy.sys [136408 2015- 05-22] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C: \Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation) S3 SWDUMon; C:\Windows \System32\DRIVERS\SWDUMon.sys [16152 2014-06-22] () S1 qknfd; system32\drivers\qknfd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-21 21:21 - 2015-05-21 21:21 - 00098851 _____ () C:\Users \Sinnfamily\Desktop\FRST.txt 2015-05-21 21:21 - 2015-05-21 21:21 - 00042993 _____ () C:\Users \Sinnfamily\Desktop\Addition.txt 2015-05-21 20:37 - 2015-05-21 20:38 - 00042993 _____ () C:\Users \Sinnfamily\Downloads\Addition.txt 2015-05-21 20:36 - 2015-05-22 16:12 - 00020220 _____ () C:\Users \Sinnfamily\Downloads\FRST.txt 2015-05-21 20:35 - 2015-05-22 16:12 - 00000000 ____D () C:\FRST 2015-05-21 20:34 - 2015-05-21 20:34 - 02108416 _____ (Farbar) C:\Users \Sinnfamily\Downloads\FRST64.exe 2015-05-21 20:21 - 2015-05-21 20:22 - 00465432 _____ () C:\Users \Sinnfamily\Downloads \ESETPoweliksCleaner.exe_20150521. 202107.4028.log 2015-05-21 20:21 - 2015-05-21 20:21 - 00000022 _____ () C:\Users \Sinnfamily\Downloads \ESETPoweliksCleaner.exe_20150521. 202107.4028.zip 2015-05-21 20:19 - 2015-05-21 20:19 - 00221384 _____ (ESET) C:\Users \Sinnfamily\Downloads \ESETPoweliksCleaner.exe 2015-05-20 19:51 - 2015-05-20 19:52 - 00001484 _____ () C:\Windows \IE11_main.log 2015-05-20 19:51 - 2015-05-20 19:51 - 55915216 _____ (Microsoft Corporation) C:\Users\Sinnfamily \Downloads\IE11-Windows6.1-x64- en-us.exe 2015-05-20 18:27 - 2015-05-20 18:27 - 00000000 ____D () C:\Users \Sinnfamily\AppData\Roaming\AVAST Software 2015-05-20 18:26 - 2015-05-20 18:26 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers \aswSnx.sys 2015-05-20 18:26 - 2015-05-20 18:26 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers \aswSP.sys 2015-05-20 18:26 - 2015-05-20 18:26 - 00364472 _____ (Avast Software s.r.o.) C:\Windows \system32\aswBoot.exe 2015-05-20 18:26 - 2015-05-20 18:26 - 00272248 _____ () C:\Windows \system32\Drivers\aswVmm.sys 2015-05-20 18:26 - 2015-05-20 18:26 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers \aswStm.sys 2015-05-20 18:26 - 2015-05-20 18:26 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers \aswRdr2.sys 2015-05-20 18:26 - 2015-05-20 18:26 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers \aswMonFlt.sys 2015-05-20 18:26 - 2015-05-20 18:26 - 00065736 _____ () C:\Windows \system32\Drivers\aswRvrt.sys 2015-05-20 18:26 - 2015-05-20 18:26 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr 2015-05-20 18:26 - 2015-05-20 18:26 - 00029168 _____ () C:\Windows \system32\Drivers\aswHwid.sys 2015-05-20 18:26 - 2015-05-20 18:26 - 00000000 ____D () C:\ProgramData \Microsoft\Windows\Start Menu \Programs\AVAST Software 2015-05-20 18:25 - 2015-05-20 18:25 - 00000000 ____D () C:\Program Files\AVAST Software 2015-05-20 18:24 - 2015-05-20 18:24 - 05481336 _____ (Avast Software s.r.o.) C:\Users\Sinnfamily \Downloads \avast_free_antivirus_setup_online_cn et.exe 2015-05-20 18:24 - 2015-05-20 18:24 - 00000000 ____D () C:\ProgramData \AVAST Software 2015-05-20 16:54 - 2015-05-20 16:54 - 00347816 _____ (Microsoft Corporation) C:\Users\Sinnfamily \Downloads \MicrosoftFixit.ProgramInstallUninstall .RNP.135558928799315.1.4.Run.exe 2015-05-20 16:43 - 2015-05-20 16:43 - 00347816 _____ (Microsoft Corporation) C:\Users\Sinnfamily \Downloads \MicrosoftFixit.ProgramInstallUninstall .RNP.Run (2).exe 2015-05-20 16:38 - 2015-05-20 16:38 - 00347816 _____ (Microsoft Corporation) C:\Users\Sinnfamily \Downloads \MicrosoftFixit.ProgramInstallUninstall .RNP.Run (1).exe 2015-05-20 16:34 - 2015-05-20 16:34 - 00039148 _____ () C:\Users \Sinnfamily\Downloads \ResultReport.html 2015-05-20 16:33 - 2015-05-20 16:44 - 00000000 ____D () C:\MATS 2015-05-20 16:32 - 2015-05-20 16:32 - 00347816 _____ (Microsoft Corporation) C:\Users\Sinnfamily \Downloads \MicrosoftFixit.ProgramInstallUninstall .RNP.Run.exe 2015-05-20 15:52 - 2015-05-22 16:10 - 00136408 _____ (Malwarebytes Corporation) C:\Windows \system32\Drivers \MBAMSwissArmy.sys 2015-05-20 15:51 - 2015-05-20 16:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-05-20 15:51 - 2015-05-20 15:51 - 00000000 ____D () C:\ProgramData \Microsoft\Windows\Start Menu \Programs\Malwarebytes Anti- Malware 2015-05-20 15:51 - 2015-05-20 15:51 - 00000000 ____D () C:\ProgramData \Malwarebytes 2015-05-20 15:51 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows \system32\Drivers \mbamchameleon.sys 2015-05-20 15:51 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows \system32\Drivers\mwac.sys 2015-05-20 15:51 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows \system32\Drivers\mbam.sys 2015-05-20 15:50 - 2015-05-20 15:50 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Sinnfamily \Downloads\mbam-setup- 2.1.6.1022.exe 2015-05-20 10:40 - 2015-05-20 10:40 - 00073896 _____ () C:\Users \Sinnfamily\Downloads\[SURVEY PREVIEW MODE] Spring into Summer Feedback 2014 Survey Last years.htm 2015-05-20 10:32 - 2015-05-22 16:09 - 00000616 _____ () C:\Windows \setupact.log 2015-05-20 10:32 - 2015-05-22 15:55 - 00079622 _____ () C:\Windows \PFRO.log 2015-05-20 10:32 - 2015-05-20 10:32 - 00000000 _____ () C:\Windows \setuperr.log 2015-05-20 09:46 - 2015-05-20 09:46 - 00003874 _____ () C:\Windows \System32\Tasks\Google Update 2015-05-20 09:46 - 2015-05-20 09:46 - 00003694 _____ () C:\Windows \System32\Tasks\Adobe Reader and Acrobat Manager 2015-05-20 09:39 - 2015-05-20 09:39 - 00000000 ____D () C:\ProgramData \Microsoft\Windows\Start Menu \Programs\AVG PC TuneUp 2015 2015-05-20 09:37 - 2015-05-20 09:37 - 00000000 ____D () C:\Users \Sinnfamily\AppData\Local\Avg 2015-05-17 14:05 - 2015-05-21 06:17 - 00000000 ____D () C:\Users \Sinnfamily\Desktop\Tre shower 2015-05-17 12:27 - 2015-05-17 12:27 - 00403453 _____ () C:\Users \Sinnfamily\Documents\Tom Daddy game.ods 2015-05-17 12:18 - 2015-05-17 12:18 - 00073896 _____ () C:\Users \Sinnfamily\Desktop\[SURVEY PREVIEW MODE] Spring into Summer Feedback 2014 Survey Last years.htm 2015-05-14 18:10 - 2015-05-17 04:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-05-13 16:02 - 2015-05-13 16:02 - 00010896 _____ () C:\Users \Sinnfamily\Desktop\upcoming events.odt 2015-05-13 03:03 - 2015-05-01 08:17 - 00124112 _____ (Microsoft Corporation) C:\Windows \system32\PresentationCFFRasterizer Native_v0300.dll 2015-05-13 03:03 - 2015-05-01 08:16 - 00102608 _____ (Microsoft Corporation) C:\Windows \SysWOW64\PresentationCFFRasterize rNative_v0300.dll 2015-05-12 14:49 - 2015-05-04 20:29 - 00342016 _____ (Microsoft Corporation) C:\Windows \system32\schannel.dll 2015-05-12 14:49 - 2015-05-04 20:12 - 00248832 _____ (Microsoft Corporation) C:\Windows \SysWOW64\schannel.dll 2015-05-12 14:49 - 2015-04-21 21:28 - 00389840 _____ (Microsoft Corporation) C:\Windows \system32\iedkcs32.dll 2015-05-12 14:49 - 2015-04-21 20:48 - 00342736 _____ (Microsoft Corporation) C:\Windows \SysWOW64\iedkcs32.dll 2015-05-12 14:49 - 2015-04-21 12:14 - 24971776 _____ (Microsoft Corporation) C:\Windows \system32\mshtml.dll 2015-05-12 14:49 - 2015-04-21 12:08 - 02724864 _____ (Microsoft Corporation) C:\Windows \system32\mshtml.tlb 2015-05-12 14:49 - 2015-04-21 12:07 - 00004096 _____ (Microsoft Corporation) C:\Windows \system32\ieetwcollectorres.dll 2015-05-12 14:49 - 2015-04-21 11:51 - 00066560 _____ (Microsoft Corporation) C:\Windows \system32\iesetup.dll 2015-05-12 14:49 - 2015-04-21 11:50 - 00584192 _____ (Microsoft Corporation) C:\Windows \system32\vbscript.dll 2015-05-12 14:49 - 2015-04-21 11:50 - 00417792 _____ (Microsoft Corporation) C:\Windows \system32\html.iec 2015-05-12 14:49 - 2015-04-21 11:50 - 00048640 _____ (Microsoft Corporation) C:\Windows \system32\ieetwproxystub.dll 2015-05-12 14:49 - 2015-04-21 11:49 - 02885120 _____ (Microsoft Corporation) C:\Windows \system32\iertutil.dll 2015-05-12 14:49 - 2015-04-21 11:48 - 00088064 _____ (Microsoft Corporation) C:\Windows \system32\MshtmlDac.dll 2015-05-12 14:49 - 2015-04-21 11:41 - 00054784 _____ (Microsoft Corporation) C:\Windows \system32\jsproxy.dll 2015-05-12 14:49 - 2015-04-21 11:40 - 00034304 _____ (Microsoft Corporation) C:\Windows \system32\iernonce.dll 2015-05-12 14:49 - 2015-04-21 11:37 - 00633856 _____ (Microsoft Corporation) C:\Windows \system32\ieui.dll 2015-05-12 14:49 - 2015-04-21 11:35 - 00816640 _____ (Microsoft Corporation) C:\Windows \system32\jscript.dll 2015-05-12 14:49 - 2015-04-21 11:35 - 00144384 _____ (Microsoft Corporation) C:\Windows \system32\ieUnatt.exe 2015-05-12 14:49 - 2015-04-21 11:35 - 00114688 _____ (Microsoft Corporation) C:\Windows \system32\ieetwcollector.exe 2015-05-12 14:49 - 2015-04-21 11:34 - 00814080 _____ (Microsoft Corporation) C:\Windows \system32\jscript9diag.dll 2015-05-12 14:49 - 2015-04-21 11:31 - 06025728 _____ (Microsoft Corporation) C:\Windows \system32\jscript9.dll 2015-05-12 14:49 - 2015-04-21 11:26 - 00968704 _____ (Microsoft Corporation) C:\Windows \system32\MsSpellCheckingFacility.ex e 2015-05-12 14:49 - 2015-04-21 11:25 - 02724864 _____ (Microsoft Corporation) C:\Windows \SysWOW64\mshtml.tlb 2015-05-12 14:49 - 2015-04-21 11:24 - 19691008 _____ (Microsoft Corporation) C:\Windows \SysWOW64\mshtml.dll 2015-05-12 14:49 - 2015-04-21 11:22 - 00490496 _____ (Microsoft Corporation) C:\Windows \system32\dxtmsft.dll 2015-05-12 14:49 - 2015-04-21 11:14 - 00077824 _____ (Microsoft Corporation) C:\Windows \system32\JavaScriptCollectionAgent. dll 2015-05-12 14:49 - 2015-04-21 11:11 - 00504320 _____ (Microsoft Corporation) C:\Windows \SysWOW64\vbscript.dll 2015-05-12 14:49 - 2015-04-21 11:11 - 00062464 _____ (Microsoft Corporation) C:\Windows \SysWOW64\iesetup.dll 2015-05-12 14:49 - 2015-04-21 11:10 - 00047616 _____ (Microsoft Corporation) C:\Windows \SysWOW64\ieetwproxystub.dll 2015-05-12 14:49 - 2015-04-21 11:09 - 00341504 _____ (Microsoft Corporation) C:\Windows \SysWOW64\html.iec 2015-05-12 14:49 - 2015-04-21 11:09 - 00199680 _____ (Microsoft Corporation) C:\Windows \system32\msrating.dll 2015-05-12 14:49 - 2015-04-21 11:08 - 00092160 _____ (Microsoft Corporation) C:\Windows \system32\mshtmled.dll 2015-05-12 14:49 - 2015-04-21 11:08 - 00064000 _____ (Microsoft Corporation) C:\Windows \SysWOW64\MshtmlDac.dll 2015-05-12 14:49 - 2015-04-21 11:05 - 00316928 _____ (Microsoft Corporation) C:\Windows \system32\dxtrans.dll 2015-05-12 14:49 - 2015-04-21 11:04 - 02278400 _____ (Microsoft Corporation) C:\Windows \SysWOW64\iertutil.dll 2015-05-12 14:49 - 2015-04-21 11:03 - 00047104 _____ (Microsoft Corporation) C:\Windows \SysWOW64\jsproxy.dll 2015-05-12 14:49 - 2015-04-21 11:02 - 00030720 _____ (Microsoft Corporation) C:\Windows \SysWOW64\iernonce.dll 2015-05-12 14:49 - 2015-04-21 11:00 - 00478208 _____ (Microsoft Corporation) C:\Windows \SysWOW64\ieui.dll 2015-05-12 14:49 - 2015-04-21 10:58 - 00664576 _____ (Microsoft Corporation) C:\Windows \SysWOW64\jscript.dll 2015-05-12 14:49 - 2015-04-21 10:58 - 00115712 _____ (Microsoft Corporation) C:\Windows \SysWOW64\ieUnatt.exe 2015-05-12 14:49 - 2015-04-21 10:57 - 00620032 _____ (Microsoft Corporation) C:\Windows \SysWOW64\jscript9diag.dll 2015-05-12 14:49 - 2015-04-21 10:49 - 00801280 _____ (Microsoft Corporation) C:\Windows \system32\msfeeds.dll 2015-05-12 14:49 - 2015-04-21 10:49 - 00720384 _____ (Microsoft Corporation) C:\Windows \system32\ie4uinit.exe 2015-05-12 14:49 - 2015-04-21 10:48 - 00418304 _____ (Microsoft Corporation) C:\Windows \SysWOW64\dxtmsft.dll 2015-05-12 14:49 - 2015-04-21 10:47 - 01359360 _____ (Microsoft Corporation) C:\Windows \system32\mshtmlmedia.dll 2015-05-12 14:49 - 2015-04-21 10:46 - 02125824 _____ (Microsoft Corporation) C:\Windows \system32\inetcpl.cpl 2015-05-12 14:49 - 2015-04-21 10:43 - 00060416 _____ (Microsoft Corporation) C:\Windows \SysWOW64\JavaScriptCollectionAgen t.dll 2015-05-12 14:49 - 2015-04-21 10:40 - 14401536 _____ (Microsoft Corporation) C:\Windows \system32\ieframe.dll 2015-05-12 14:49 - 2015-04-21 10:39 - 00168960 _____ (Microsoft Corporation) C:\Windows \SysWOW64\msrating.dll 2015-05-12 14:49 - 2015-04-21 10:38 - 00076288 _____ (Microsoft Corporation) C:\Windows \SysWOW64\mshtmled.dll 2015-05-12 14:49 - 2015-04-21 10:36 - 00285696 _____ (Microsoft Corporation) C:\Windows \SysWOW64\dxtrans.dll 2015-05-12 14:49 - 2015-04-21 10:31 - 04305920 _____ (Microsoft Corporation) C:\Windows \SysWOW64\jscript9.dll 2015-05-12 14:49 - 2015-04-21 10:27 - 02352128 _____ (Microsoft Corporation) C:\Windows \system32\wininet.dll 2015-05-12 14:49 - 2015-04-21 10:26 - 00688640 _____ (Microsoft Corporation) C:\Windows \SysWOW64\msfeeds.dll 2015-05-12 14:49 - 2015-04-21 10:25 - 02052608 _____ (Microsoft Corporation) C:\Windows \SysWOW64\inetcpl.cpl 2015-05-12 14:49 - 2015-04-21 10:24 - 01155072 _____ (Microsoft Corporation) C:\Windows \SysWOW64\mshtmlmedia.dll 2015-05-12 14:49 - 2015-04-21 10:17 - 12828672 _____ (Microsoft Corporation) C:\Windows \SysWOW64\ieframe.dll 2015-05-12 14:49 - 2015-04-21 10:15 - 01547264 _____ (Microsoft Corporation) C:\Windows \system32\urlmon.dll 2015-05-12 14:49 - 2015-04-21 10:03 - 00800768 _____ (Microsoft Corporation) C:\Windows \system32\ieapfltr.dll 2015-05-12 14:49 - 2015-04-21 10:02 - 01882112 _____ (Microsoft Corporation) C:\Windows \SysWOW64\wininet.dll 2015-05-12 14:49 - 2015-04-21 09:58 - 01310208 _____ (Microsoft Corporation) C:\Windows \SysWOW64\urlmon.dll 2015-05-12 14:49 - 2015-04-21 09:56 - 00710144 _____ (Microsoft Corporation) C:\Windows \SysWOW64\ieapfltr.dll 2015-05-12 14:49 - 2015-04-17 22:10 - 00460800 _____ (Microsoft Corporation) C:\Windows \system32\certcli.dll 2015-05-12 14:49 - 2015-04-17 21:56 - 00342016 _____ (Microsoft Corporation) C:\Windows \SysWOW64\certcli.dll 2015-05-12 14:49 - 2015-04-12 22:28 - 00328704 _____ (Microsoft Corporation) C:\Windows \system32\services.exe 2015-05-12 14:48 - 2015-04-27 14:28 - 05569984 _____ (Microsoft Corporation) C:\Windows \system32\ntoskrnl.exe 2015-05-12 14:48 - 2015-04-27 14:28 - 00155584 _____ (Microsoft Corporation) C:\Windows \system32\Drivers\ksecpkg.sys 2015-05-12 14:48 - 2015-04-27 14:28 - 00095680 _____ (Microsoft Corporation) C:\Windows \system32\Drivers\ksecdd.sys 2015-05-12 14:48 - 2015-04-27 14:26 - 01728960 _____ (Microsoft Corporation) C:\Windows \system32\ntdll.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 01461760 _____ (Microsoft Corporation) C:\Windows \system32\lsasrv.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 01254400 _____ (Microsoft Corporation) C:\Windows \system32\diagtrack.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 01162752 _____ (Microsoft Corporation) C:\Windows \system32\kernel32.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 00879104 _____ (Microsoft Corporation) C:\Windows \system32\tdh.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 00879104 _____ (Microsoft Corporation) C:\Windows \system32\advapi32.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 00728064 _____ (Microsoft Corporation) C:\Windows \system32\kerberos.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 00503808 _____ (Microsoft Corporation) C:\Windows \system32\srcore.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 00424448 _____ (Microsoft Corporation) C:\Windows \system32\KernelBase.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 00362496 _____ (Microsoft Corporation) C:\Windows \system32\wow64win.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 00314880 _____ (Microsoft Corporation) C:\Windows \system32\msv1_0.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 00309760 _____ (Microsoft Corporation) C:\Windows \system32\ncrypt.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 00243712 _____ (Microsoft Corporation) C:\Windows \system32\wow64.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 00215040 _____ (Microsoft Corporation) C:\Windows \system32\winsrv.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 00210944 _____ (Microsoft Corporation) C:\Windows \system32\wdigest.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 00136192 _____ (Microsoft Corporation) C:\Windows \system32\sspicli.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 00113664 _____ (Microsoft Corporation) C:\Windows \system32\sechost.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 00086528 _____ (Microsoft Corporation) C:\Windows \system32\TSpkg.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 00050176 _____ (Microsoft Corporation) C:\Windows \system32\srclient.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 00043520 _____ (Microsoft Corporation) C:\Windows \system32\csrsrv.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 00029184 _____ (Microsoft Corporation) C:\Windows \system32\sspisrv.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 00028160 _____ (Microsoft Corporation) C:\Windows \system32\secur32.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 00022016 _____ (Microsoft Corporation) C:\Windows \system32\credssp.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 00016384 _____ (Microsoft Corporation) C:\Windows \system32\ntvdm64.dll 2015-05-12 14:48 - 2015-04-27 14:23 - 00013312 _____ (Microsoft Corporation) C:\Windows \system32\wow64cpu.dll 2015-05-12 14:48 - 2015-04-27 14:22 - 00404992 _____ (Microsoft Corporation) C:\Windows \system32\tracerpt.exe 2015-05-12 14:48 - 2015-04-27 14:22 - 00338432 _____ (Microsoft Corporation) C:\Windows \system32\conhost.exe 2015-05-12 14:48 - 2015-04-27 14:22 - 00296960 _____ (Microsoft Corporation) C:\Windows \system32\rstrui.exe 2015-05-12 14:48 - 2015-04-27 14:22 - 00112640 _____ (Microsoft Corporation) C:\Windows \system32\smss.exe 2015-05-12 14:48 - 2015-04-27 14:22 - 00104448 _____ (Microsoft Corporation) C:\Windows \system32\logman.exe 2015-05-12 14:48 - 2015-04-27 14:22 - 00047104 _____ (Microsoft Corporation) C:\Windows \system32\typeperf.exe 2015-05-12 14:48 - 2015-04-27 14:22 - 00043008 _____ (Microsoft Corporation) C:\Windows \system32\relog.exe 2015-05-12 14:48 - 2015-04-27 14:22 - 00031232 _____ (Microsoft Corporation) C:\Windows \system32\lsass.exe 2015-05-12 14:48 - 2015-04-27 14:22 - 00019456 _____ (Microsoft Corporation) C:\Windows \system32\diskperf.exe 2015-05-12 14:48 - 2015-04-27 14:21 - 00064000 _____ (Microsoft Corporation) C:\Windows \system32\auditpol.exe 2015-05-12 14:48 - 2015-04-27 14:18 - 00146432 _____ (Microsoft Corporation) C:\Windows \system32\msaudite.dll 2015-05-12 14:48 - 2015-04-27 14:18 - 00060416 _____ (Microsoft Corporation) C:\Windows \system32\msobjs.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00686080 _____ (Microsoft Corporation) C:\Windows \system32\adtschema.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00006656 _____ (Microsoft Corporation) C:\Windows \system32\apisetschema.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00006144 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-security-base- l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00005120 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core-file-l1-1- 0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00004608 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core- threadpool-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00004608 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core- processthreads-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00004096 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core-sysinfo-l1 -1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00004096 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core-synch-l1- 1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00004096 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core- localregistry-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00004096 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core- localization-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00003584 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core- rtlsupport-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00003584 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core- processenvironment-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00003584 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core- namedpipe-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00003584 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core-misc-l1-1 -0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00003584 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core-memory- l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00003584 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core- libraryloader-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00003584 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core-heap-l1-1 -0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core-xstate-l1 -1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core-util-l1-1- 0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core-string-l1- 1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core-profile-l1 -1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core-io-l1-1- 0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core- interlocked-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core-handle-l1 -1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core-fibers-l1- 1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core- errorhandling-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core- delayload-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core-debug-l1 -1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core-datetime- l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 14:16 - 00003072 ____H (Microsoft Corporation) C:\Windows \system32\api-ms-win-core-console- l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 14:11 - 03989440 _____ (Microsoft Corporation) C:\Windows \SysWOW64\ntkrnlpa.exe 2015-05-12 14:48 - 2015-04-27 14:11 - 03934144 _____ (Microsoft Corporation) C:\Windows \SysWOW64\ntoskrnl.exe 2015-05-12 14:48 - 2015-04-27 14:08 - 01310744 _____ (Microsoft Corporation) C:\Windows \SysWOW64\ntdll.dll 2015-05-12 14:48 - 2015-04-27 14:05 - 00635392 _____ (Microsoft Corporation) C:\Windows \SysWOW64\tdh.dll 2015-05-12 14:48 - 2015-04-27 14:05 - 00259584 _____ (Microsoft Corporation) C:\Windows \SysWOW64\msv1_0.dll 2015-05-12 14:48 - 2015-04-27 14:05 - 00221184 _____ (Microsoft Corporation) C:\Windows \SysWOW64\ncrypt.dll 2015-05-12 14:48 - 2015-04-27 14:05 - 00172032 _____ (Microsoft Corporation) C:\Windows \SysWOW64\wdigest.dll 2015-05-12 14:48 - 2015-04-27 14:05 - 00092160 _____ (Microsoft Corporation) C:\Windows \SysWOW64\sechost.dll 2015-05-12 14:48 - 2015-04-27 14:05 - 00065536 _____ (Microsoft Corporation) C:\Windows \SysWOW64\TSpkg.dll 2015-05-12 14:48 - 2015-04-27 14:05 - 00043008 _____ (Microsoft Corporation) C:\Windows \SysWOW64\srclient.dll 2015-05-12 14:48 - 2015-04-27 14:05 - 00022016 _____ (Microsoft Corporation) C:\Windows \SysWOW64\secur32.dll 2015-05-12 14:48 - 2015-04-27 14:05 - 00014336 _____ (Microsoft Corporation) C:\Windows \SysWOW64\ntvdm64.dll 2015-05-12 14:48 - 2015-04-27 14:04 - 00641536 _____ (Microsoft Corporation) C:\Windows \SysWOW64\advapi32.dll 2015-05-12 14:48 - 2015-04-27 14:04 - 00550912 _____ (Microsoft Corporation) C:\Windows \SysWOW64\kerberos.dll 2015-05-12 14:48 - 2015-04-27 14:04 - 00364544 _____ (Microsoft Corporation) C:\Windows \SysWOW64\tracerpt.exe 2015-05-12 14:48 - 2015-04-27 14:04 - 00082944 _____ (Microsoft Corporation) C:\Windows \SysWOW64\logman.exe 2015-05-12 14:48 - 2015-04-27 14:04 - 00040448 _____ (Microsoft Corporation) C:\Windows \SysWOW64\typeperf.exe 2015-05-12 14:48 - 2015-04-27 14:04 - 00037888 _____ (Microsoft Corporation) C:\Windows \SysWOW64\relog.exe 2015-05-12 14:48 - 2015-04-27 14:04 - 00025600 _____ (Microsoft Corporation) C:\Windows \SysWOW64\setup16.exe 2015-05-12 14:48 - 2015-04-27 14:04 - 00017408 _____ (Microsoft Corporation) C:\Windows \SysWOW64\credssp.dll 2015-05-12 14:48 - 2015-04-27 14:03 - 01114112 _____ (Microsoft Corporation) C:\Windows \SysWOW64\kernel32.dll 2015-05-12 14:48 - 2015-04-27 14:03 - 00274944 _____ (Microsoft Corporation) C:\Windows \SysWOW64\KernelBase.dll 2015-05-12 14:48 - 2015-04-27 14:03 - 00096768 _____ (Microsoft Corporation) C:\Windows \SysWOW64\sspicli.dll 2015-05-12 14:48 - 2015-04-27 14:03 - 00050176 _____ (Microsoft Corporation) C:\Windows \SysWOW64\auditpol.exe 2015-05-12 14:48 - 2015-04-27 14:03 - 00017408 _____ (Microsoft Corporation) C:\Windows \SysWOW64\diskperf.exe 2015-05-12 14:48 - 2015-04-27 14:03 - 00005120 _____ (Microsoft Corporation) C:\Windows \SysWOW64\wow32.dll 2015-05-12 14:48 - 2015-04-27 14:01 - 00146432 _____ (Microsoft Corporation) C:\Windows \SysWOW64\msaudite.dll 2015-05-12 14:48 - 2015-04-27 14:01 - 00060416 _____ (Microsoft Corporation) C:\Windows \SysWOW64\msobjs.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00686080 _____ (Microsoft Corporation) C:\Windows \SysWOW64\adtschema.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00006656 _____ (Microsoft Corporation) C:\Windows \SysWOW64\apisetschema.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00005120 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core-file-l1-1 -0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00004608 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core- processthreads-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core-sysinfo- l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core-synch- l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core-misc-l1 -1-0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core- localregistry-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core- localization-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core- processenvironment-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core- namedpipe-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core- memory-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core- libraryloader-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core- interlocked-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core-heap-l1 -1-0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core-string- l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core- rtlsupport-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core-profile- l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core-io-l1-1- 0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core-handle- l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core-fibers- l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core- errorhandling-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core- delayload-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core-debug- l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core- datetime-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core- console-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 13:06 - 00036864 _____ (Microsoft Corporation) C:\Windows \system32\UtcResources.dll 2015-05-12 14:48 - 2015-04-27 12:57 - 00007680 _____ (Microsoft Corporation) C:\Windows \SysWOW64\instnm.exe 2015-05-12 14:48 - 2015-04-27 12:57 - 00002048 _____ (Microsoft Corporation) C:\Windows \SysWOW64\user.exe 2015-05-12 14:48 - 2015-04-27 12:55 - 00006144 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-security- base-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 12:55 - 00004608 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core- threadpool-l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 12:55 - 00003584 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core-xstate- l1-1-0.dll 2015-05-12 14:48 - 2015-04-27 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows \SysWOW64\api-ms-win-core-util-l1- 1-0.dll 2015-05-12 14:48 - 2015-04-19 22:17 - 01647104 _____ (Microsoft Corporation) C:\Windows \system32\DWrite.dll 2015-05-12 14:48 - 2015-04-19 22:17 - 01179136 _____ (Microsoft Corporation) C:\Windows \system32\FntCache.dll 2015-05-12 14:48 - 2015-04-19 21:56 - 01250816 _____ (Microsoft Corporation) C:\Windows \SysWOW64\DWrite.dll 2015-05-12 14:48 - 2015-04-19 21:11 - 03204608 _____ (Microsoft Corporation) C:\Windows \system32\win32k.sys 2015-05-12 14:48 - 2015-04-07 22:29 - 00275456 _____ (Microsoft Corporation) C:\Windows \system32\InkEd.dll 2015-05-12 14:48 - 2015-04-07 22:29 - 00024576 _____ (Microsoft Corporation) C:\Windows \system32\jnwmon.dll 2015-05-12 14:48 - 2015-04-07 22:14 - 00216064 _____ (Microsoft Corporation) C:\Windows \SysWOW64\InkEd.dll 2015-05-12 14:48 - 2015-03-03 23:41 - 00342016 _____ (Microsoft Corporation) C:\Windows \system32\apphelp.dll 2015-05-12 14:48 - 2015-03-03 23:41 - 00072192 _____ (Microsoft Corporation) C:\Windows \system32\aelupsvc.dll 2015-05-12 14:48 - 2015-03-03 23:41 - 00023552 _____ (Microsoft Corporation) C:\Windows \system32\sdbinst.exe 2015-05-12 14:48 - 2015-03-03 23:41 - 00006656 _____ (Microsoft Corporation) C:\Windows \system32\shimeng.dll 2015-05-12 14:48 - 2015-03-03 23:11 - 00005120 _____ (Microsoft Corporation) C:\Windows \SysWOW64\shimeng.dll 2015-05-12 14:48 - 2015-03-03 23:10 - 00295936 _____ (Microsoft Corporation) C:\Windows \SysWOW64\apphelp.dll 2015-05-12 14:48 - 2015-03-03 23:10 - 00020992 _____ (Microsoft Corporation) C:\Windows \SysWOW64\sdbinst.exe 2015-05-12 14:48 - 2015-02-18 02:06 - 00123904 _____ (Microsoft Corporation) C:\Windows \SysWOW64\poqexec.exe 2015-05-12 14:48 - 2015-02-18 02:04 - 00142336 _____ (Microsoft Corporation) C:\Windows \system32\poqexec.exe 2015-05-12 14:48 - 2015-01-28 22:19 - 02543104 _____ (Microsoft Corporation) C:\Windows \system32\wpdshext.dll 2015-05-12 14:48 - 2015-01-28 22:02 - 02311168 _____ (Microsoft Corporation) C:\Windows \SysWOW64\wpdshext.dll 2015-05-11 22:02 - 2015-05-11 22:02 - 00000298 _____ () C:\Users \Sinnfamily\Desktop\parking.txt 2015-05-09 23:33 - 2015-05-09 23:33 - 00000488 _____ () C:\Users \Sinnfamily\Desktop\setup for Heather.txt 2015-05-07 19:04 - 2015-05-15 04:21 - 00020716 _____ () C:\Users \Sinnfamily\Desktop\planning.ods 2015-05-07 15:32 - 2015-05-07 15:32 - 00188416 _____ () C:\Users \Sinnfamily\Desktop\certificate-of- participation-1.pot 2015-04-27 10:01 - 2015-04-27 10:01 - 00000049 _____ () C:\Users \Sinnfamily\Desktop\link to JSA womans page.txt ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-22 16:12 - 2009-11-26 12:46 - 01296374 _____ () C:\Windows \WindowsUpdate.log 2015-05-22 16:10 - 2014-12-31 22:06 - 00000348 _____ () C:\Windows \Tasks\HP Photo Creations Communicator.job 2015-05-22 16:10 - 2013-03-20 10:23 - 00000412 _____ () C:\Windows \Tasks \FreeFileViewerUpdateChecker.job 2015-05-22 16:10 - 2011-09-21 15:49 - 00000894 _____ () C:\Windows \Tasks \GoogleUpdateTaskMachineCore.job 2015-05-22 16:09 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows \Tasks\SA.DAT 2015-05-22 16:03 - 2009-07-13 23:45 - 00018736 ____H () C:\Windows \system32\7B296FB0-376B-497e- B012-9C450E1B7327-5P-1.C7483456 -A289-439d-8115-601632D005A0 2015-05-22 16:03 - 2009-07-13 23:45 - 00018736 ____H () C:\Windows \system32\7B296FB0-376B-497e- B012-9C450E1B7327-5P-0.C7483456 -A289-439d-8115-601632D005A0 2015-05-22 16:00 - 2013-06-13 11:32 - 00000830 _____ () C:\Windows \Tasks\Adobe Flash Player Updater.job 2015-05-22 16:00 - 2009-07-14 00:13 - 00782510 _____ () C:\Windows \system32\PerfStringBackup.INI 2015-05-22 15:59 - 2011-02-15 13:35 - 00000928 _____ () C:\Windows \Tasks\GoogleUpdateTaskUserS-1-5- 21-2643768202-156854014- 2583388340-1001UA.job 2015-05-22 15:54 - 2011-02-15 13:35 - 00000876 _____ () C:\Windows \Tasks\GoogleUpdateTaskUserS-1-5- 21-2643768202-156854014- 2583388340-1001Core.job 2015-05-22 15:49 - 2011-09-21 15:49 - 00000898 _____ () C:\Windows \Tasks \GoogleUpdateTaskMachineUA.job 2015-05-21 19:58 - 2009-12-20 10:43 - 00000000 ____D () C:\Users \Sinnfamily\AppData\Roaming\Adobe 2015-05-21 06:23 - 2011-11-11 21:22 - 00000114 _____ () C:\Users \Sinnfamily\jobq.dat 2015-05-21 06:22 - 2015-01-29 23:21 - 00000000 ____D () C:\Users \Sinnfamily\Desktop\2015 SIS 2015-05-21 06:18 - 2011-04-11 23:59 - 00000000 ____D () C:\Users \Sinnfamily\Desktop\Family tree 2015-05-21 06:17 - 2014-01-17 20:26 - 00000000 ____D () C:\Users \Sinnfamily\Desktop\SIS 2014 2015-05-21 06:17 - 2010-12-11 22:17 - 00000000 ____D () C:\Users \Sinnfamily\Desktop\BBR handouts & interview stuff 2015-05-20 19:48 - 2010-09-17 22:46 - 00000000 ____D () C:\Users \Sinnfamily\Desktop\New folder 2015-05-20 16:41 - 2010-09-30 09:14 - 00000000 ____D () C:\ProgramData \MFAData 2015-05-20 16:13 - 2011-04-09 20:27 - 00000000 ____D () C:\Windows \RegisteredPackages 2015-05-20 16:12 - 2014-02-16 13:40 - 00000000 ____D () C:\Program Files\Conduit 2015-05-20 16:12 - 2014-02-16 13:40 - 00000000 ____D () C:\Program Files (x86)\Conduit 2015-05-20 15:34 - 2012-01-01 11:18 - 00000000 ____D () C:\Windows\pss 2015-05-20 10:32 - 2014-12-13 20:32 - 00000352 _____ () C:\Windows \Tasks \HPCeeScheduleForSinnfamily.job 2015-05-20 09:45 - 2011-01-10 18:38 - 00000000 ____D () C:\Users \Sinnfamily\AppData\Roaming\Skype 2015-05-20 09:45 - 2009-12-21 17:00 - 00000000 ____D () C:\Users \Sinnfamily\AppData\Roaming \HpUpdate 2015-05-20 09:45 - 2009-08-21 14:36 - 00000000 ____D () C:\ProgramData \Temp 2015-05-20 09:45 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows \system32\sysprep 2015-05-20 09:40 - 2012-10-06 19:07 - 00000000 ____D () C:\ProgramData \AVG 2015-05-20 09:39 - 2011-11-04 00:29 - 00000000 ____D () C:\Users \Sinnfamily\AppData\Roaming\AVG 2015-05-20 09:39 - 2010-02-21 19:42 - 00000000 ____D () C:\Program Files (x86)\AVG 2015-05-20 08:10 - 2014-12-13 20:32 - 00003216 _____ () C:\Windows \System32\Tasks \HPCeeScheduleForSinnfamily 2015-05-20 07:56 - 2009-07-14 00:08 - 00032560 _____ () C:\Windows \Tasks\SCHEDLGU.TXT 2015-05-19 18:32 - 2012-04-08 14:23 - 00000000 ____D () C:\Users \Sinnfamily\Desktop\BBR2012 2015-05-19 18:10 - 2015-04-05 03:01 - 00000000 ___SD () C:\Windows \SysWOW64\GWX 2015-05-19 18:10 - 2015-04-05 03:01 - 00000000 ___SD () C:\Windows \system32\GWX 2015-05-18 15:30 - 2011-04-09 20:27 - 00000000 ____D () C:\Users \Sinnfamily\Documents\Family Tree Maker 2015-05-17 04:54 - 2011-02-15 13:35 - 00003908 _____ () C:\Windows \System32\Tasks \GoogleUpdateTaskUserS-1-5-21- 2643768202-156854014-2583388340 -1001UA 2015-05-17 04:54 - 2011-02-15 13:35 - 00003512 _____ () C:\Windows \System32\Tasks \GoogleUpdateTaskUserS-1-5-21- 2643768202-156854014-2583388340 -1001Core 2015-05-17 04:28 - 2014-02-14 21:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-05-16 19:27 - 2015-03-01 00:55 - 00000052 _____ () C:\Windows \SysWOW64\DOErrors.log 2015-05-15 15:44 - 2011-09-21 15:49 - 00003894 _____ () C:\Windows \System32\Tasks \GoogleUpdateTaskMachineUA 2015-05-15 15:44 - 2011-09-21 15:49 - 00003642 _____ () C:\Windows \System32\Tasks \GoogleUpdateTaskMachineCore 2015-05-13 06:53 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows \rescache 2015-05-13 03:36 - 2009-07-13 23:45 - 00359008 _____ () C:\Windows \system32\FNTCACHE.DAT 2015-05-13 03:35 - 2013-03-14 03:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2015-05-13 03:35 - 2013-03-14 03:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2015-05-13 03:32 - 2009-07-14 02:45 - 00000000 ____D () C:\Program Files\Windows Journal 2015-05-13 03:32 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows \system32\AdvancedInstallers 2015-05-13 03:13 - 2013-08-01 03:05 - 00000000 ____D () C:\Windows \system32\MRT 2015-05-13 03:08 - 2009-12-23 06:44 - 140425016 _____ (Microsoft Corporation) C:\Windows \system32\MRT.exe 2015-05-13 03:03 - 2013-03-14 03:02 - 00000000 ____D () C:\ProgramData \Microsoft\Windows\Start Menu \Programs\Microsoft Silverlight 2015-05-11 08:30 - 2012-08-08 23:54 - 00000000 ____D () C:\Users \Sinnfamily\Desktop\Newletter 2015-05-04 09:08 - 2010-01-14 19:11 - 00000000 ____D () C:\Users \Sinnfamily\Desktop\Bills paid 2015-05-04 08:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows \system32\NDF 2015-05-04 07:48 - 2010-04-20 06:30 - 00000000 ____D () C:\Users \Sinnfamily\Desktop\Scot's stuff 2015-05-04 07:46 - 2009-12-20 13:58 - 00029720 _____ () C:\Users \Sinnfamily\AppData\Roaming \wklnhst.dat 2015-04-30 16:38 - 2009-12-20 18:16 - 00000552 _____ () C:\Windows \Tasks \PCDRScheduledMaintenance.job 2015-04-30 07:06 - 2014-03-31 12:52 - 00000000 ____D () C:\ProgramData \Microsoft\Windows\Start Menu \Programs\AVG 2015-04-27 11:37 - 2013-10-22 08:27 - 00000000 ____D () C:\ProgramData \Oracle 2015-04-27 11:37 - 2010-04-02 05:20 - 00000000 ____D () C:\Program Files (x86)\Java 2015-04-27 11:36 - 2014-10-20 16:51 - 00098216 _____ (Oracle Corporation) C:\Windows \SysWOW64\WindowsAccessBridge- 32.dll ==================== Files in the root of some directories ======= 2014-11-28 06:27 - 2015-03-12 23:04 - 0000115 _____ () C:\Users \Sinnfamily\AppData\Roaming \LogFile.txt 2009-12-20 13:58 - 2015-05-04 07:46 - 0029720 _____ () C:\Users \Sinnfamily\AppData\Roaming \wklnhst.dat 2011-10-04 16:39 - 2014-03-11 08:40 - 0123098 _____ () C:\Users \Sinnfamily\AppData\Local\ars.cache 2011-10-04 16:39 - 2014-03-11 08:40 - 1687450 _____ () C:\Users \Sinnfamily\AppData\Local \census.cache 2010-01-21 22:06 - 2010-01-21 22:06 - 0000036 _____ () C:\Users \Sinnfamily\AppData\Local \housecall.guid.cache 2011-11-04 15:30 - 2012-03-02 15:37 - 0007616 _____ () C:\Users \Sinnfamily\AppData\Local \Resmon.ResmonCfg 2014-03-11 08:09 - 2014-03-11 08:09 - 0000010 _____ () C:\Users \Sinnfamily\AppData\Local \sponge.last.runtime.cache 2012-07-02 13:31 - 2012-07-02 13:31 - 2799039 _____ () C:\Users \Sinnfamily\AppData\Local \tmp008.JPG 2012-08-06 12:29 - 2012-08-06 12:30 - 2124933 _____ () C:\Users \Sinnfamily\AppData\Local\tmp1.JPG 2011-03-22 12:37 - 2011-03-22 12:37 - 0083509 _____ () C:\Users \Sinnfamily\AppData\Local \tmp162721_1808201247450_1312501 035_2079019_43889_N[1].JPG 2011-08-23 20:28 - 2011-08-23 20:28 - 0014004 _____ () C:\Users \Sinnfamily\AppData\Local \tmp168319_1869646863991_1325676 592_2419376_8148056_N.JPG 2012-04-18 11:45 - 2012-04-18 11:45 - 1242447 _____ () C:\Users \Sinnfamily\AppData\Local\tmp2012- 04-17_21-38-59_182.0 2012-04-18 11:45 - 2012-04-18 11:45 - 0499522 _____ () C:\Users \Sinnfamily\AppData\Local\tmp2012- 04-17_21-38-59_182.JPG 2012-10-23 11:40 - 2012-10-23 11:40 - 1284650 _____ () C:\Users \Sinnfamily\AppData\Local \tmp20120205PARADE AWARD0001.0 2012-10-23 11:40 - 2012-10-23 11:40 - 0833582 _____ () C:\Users \Sinnfamily\AppData\Local \tmp20120205PARADE AWARD0001.JPG 2011-05-08 17:02 - 2011-05-08 17:02 - 0012434 _____ () C:\Users \Sinnfamily\AppData\Local \tmp222240_158756360853195_10000 1564965041_380420_6001237_N.JPG 2011-06-18 23:29 - 2011-06-18 23:29 - 0276955 _____ () C:\Users \Sinnfamily\AppData\Local \tmp257237_117407341680488_10000 2336692814_156079_3039679_O.0 2011-06-18 23:29 - 2011-06-18 23:29 - 0247997 _____ () C:\Users \Sinnfamily\AppData\Local \tmp257237_117407341680488_10000 2336692814_156079_3039679_O.JPG 2012-10-28 12:49 - 2012-10-28 12:49 - 0040236 _____ () C:\Users \Sinnfamily\AppData\Local \tmp2B98A1C0D66B.JPG 2012-07-23 17:15 - 2012-07-23 17:15 - 0042681 _____ () C:\Users \Sinnfamily\AppData\Local \tmp530065_10151032695518389_150 0591922_N.JPG 2011-10-04 09:19 - 2011-10-04 09:19 - 0105908 _____ () C:\Users \Sinnfamily\AppData\Local \tmp533706_DEFAULT.JPG 2011-03-22 12:30 - 2011-03-22 12:30 - 0044793 _____ () C:\Users \Sinnfamily\AppData\Local \tmp6776_1225016944450_119979888 0_30669952_5465887_N[1].JPG 2012-03-04 15:59 - 2012-03-04 15:59 - 0007307 _____ () C:\Users \Sinnfamily\AppData\Local \tmp70760_100000487607807_190706 0964_N.0 2012-03-04 15:59 - 2012-03-04 15:59 - 0007478 _____ () C:\Users \Sinnfamily\AppData\Local \tmp70760_100000487607807_190706 0964_N.1 2012-03-04 15:59 - 2012-03-04 15:59 - 0007635 _____ () C:\Users \Sinnfamily\AppData\Local \tmp70760_100000487607807_190706 0964_N.JPG 2012-08-08 12:22 - 2012-08-08 12:22 - 0145542 _____ () C:\Users \Sinnfamily\AppData\Local \tmpBO0222.JPG 2010-06-14 19:30 - 2010-06-14 19:30 - 3815225 _____ () C:\Users \Sinnfamily\AppData\Local \tmpCURIOSITY[1].0 2010-06-14 19:30 - 2010-06-14 19:30 - 0749501 _____ () C:\Users \Sinnfamily\AppData\Local \tmpCURIOSITY[1].JPG 2012-08-12 10:03 - 2012-08-12 10:03 - 0078042 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDFJJDAYS.0 2012-08-12 10:03 - 2012-08-12 10:03 - 0073577 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDFJJDAYS.JPG 2012-08-04 13:50 - 2012-08-04 13:50 - 3744944 _____ () C:\Users \Sinnfamily\AppData\Local\tmpDOTTY 2.JPG 2012-04-29 15:45 - 2012-04-29 15:45 - 3795290 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0066.JPG 2012-04-29 15:46 - 2012-04-29 15:46 - 4073377 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0067.JPG 2012-04-29 15:48 - 2012-04-29 15:48 - 3826196 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0068.JPG 2012-04-29 16:15 - 2012-04-29 16:15 - 3979096 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0069.JPG 2012-04-29 16:16 - 2012-04-29 16:16 - 3860447 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0071.JPG 2012-06-07 20:05 - 2012-06-07 20:05 - 1324937 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0113.0 2012-06-07 20:05 - 2012-06-07 20:05 - 1134693 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0113.JPG 2012-06-07 20:06 - 2012-06-07 20:10 - 1169968 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0114.0 2012-06-07 20:10 - 2012-06-07 20:10 - 1165070 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0114.JPG 2012-06-07 20:07 - 2012-06-07 20:07 - 1132928 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0115.0 2012-06-07 20:07 - 2012-06-07 20:07 - 1466839 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0115.JPG 2012-06-07 20:03 - 2012-06-07 20:03 - 1344625 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0121.0 2012-06-07 20:03 - 2012-06-07 20:03 - 0922643 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0121.JPG 2012-06-07 20:02 - 2012-06-07 20:02 - 1354697 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0126.0 2012-06-07 20:02 - 2012-06-07 20:02 - 0861878 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0126.JPG 2012-06-07 23:55 - 2012-06-07 23:55 - 3874104 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0129.JPG 2012-06-07 23:56 - 2012-06-07 23:56 - 0293557 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0129_CROP.JPG 2012-07-30 23:17 - 2012-07-30 23:17 - 3818272 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0222.0 2012-07-30 23:17 - 2012-07-30 23:17 - 1247679 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0222.1 2012-07-30 23:17 - 2012-07-30 23:17 - 1317022 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0222.JPG 2012-07-30 23:18 - 2012-07-30 23:18 - 3680209 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0223.0 2012-07-30 23:18 - 2012-07-30 23:18 - 1890416 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0223.JPG 2012-07-30 23:20 - 2012-07-30 23:20 - 4060088 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0224.0 2012-07-30 23:20 - 2012-07-30 23:20 - 1670553 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0224.JPG 2012-07-30 23:21 - 2012-07-30 23:21 - 3876040 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0225.0 2012-07-30 23:21 - 2012-07-30 23:21 - 1243214 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0225.JPG 2012-07-30 23:15 - 2012-07-30 23:15 - 3911025 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0228.0 2012-07-30 23:15 - 2012-07-30 23:15 - 1859570 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0228.JPG 2012-07-30 23:13 - 2012-07-30 23:13 - 3925542 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0230.0 2012-07-30 23:13 - 2012-07-30 23:13 - 1701643 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0230.JPG 2012-07-30 23:14 - 2012-07-30 23:14 - 3777079 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0231.0 2012-07-30 23:14 - 2012-07-30 23:14 - 1903590 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0231.JPG 2012-12-16 13:17 - 2012-12-16 13:17 - 2699209 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0423.0 2012-12-16 13:17 - 2012-12-16 13:17 - 0981494 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0423.JPG 2012-12-16 13:16 - 2012-12-16 13:16 - 2344082 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0427.JPG 2013-06-15 18:54 - 2013-06-15 18:54 - 3845545 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0646.JPG 2013-06-15 18:55 - 2013-06-15 18:55 - 3825319 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0648.JPG 2013-06-15 18:55 - 2013-06-15 18:55 - 3655438 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0654.JPG 2013-06-15 18:52 - 2013-06-15 18:52 - 3813732 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0657.JPG 2013-06-15 18:53 - 2013-06-15 18:53 - 3520275 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0661.JPG 2013-06-15 18:50 - 2013-06-15 18:50 - 3700495 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0662.JPG 2013-06-23 09:23 - 2013-06-23 09:23 - 3881342 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0669.JPG 2013-06-23 09:12 - 2013-06-23 09:12 - 4069139 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0683.JPG 2013-06-23 09:01 - 2013-06-23 09:01 - 3776503 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0692.JPG 2013-06-23 09:09 - 2013-06-23 09:09 - 3918280 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0693.JPG 2013-06-23 09:11 - 2013-06-23 09:11 - 4029641 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0694.JPG 2013-06-23 09:08 - 2013-06-23 09:08 - 3801721 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0695.JPG 2013-06-23 09:03 - 2013-06-23 09:03 - 4034112 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0696.0 2013-06-23 09:03 - 2013-06-23 09:03 - 1620362 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0696.JPG 2013-06-23 09:15 - 2013-06-23 09:15 - 3963372 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0699.JPG 2013-06-23 09:16 - 2013-06-23 09:16 - 3879562 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0700.JPG 2013-07-08 07:39 - 2013-07-08 07:39 - 4196228 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0709.JPG 2013-07-21 19:46 - 2013-07-21 19:46 - 3824830 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0757.JPG 2013-07-21 19:59 - 2013-07-21 19:59 - 4239298 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0766.JPG 2013-07-21 19:55 - 2013-07-21 19:55 - 3935137 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0775.0 2013-07-21 19:55 - 2013-07-21 19:55 - 1589176 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0775.JPG 2013-07-21 19:58 - 2013-07-21 19:58 - 3579938 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0777.0 2013-07-21 19:58 - 2013-07-21 19:58 - 1970441 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0777.JPG 2013-07-21 19:48 - 2013-07-21 19:48 - 3807746 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0779.0 2013-07-21 19:48 - 2013-07-21 19:48 - 1027164 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0779.JPG 2013-08-08 22:59 - 2013-08-08 22:59 - 3565728 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0824.JPG 2012-10-21 13:52 - 2012-10-21 13:52 - 2325452 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF0878.JPG 2010-01-16 21:18 - 2010-01-16 21:18 - 2048379 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1417.JPG 2010-07-10 09:40 - 2010-07-10 09:40 - 1265628 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1469.JPG 2010-05-31 07:57 - 2010-05-31 07:57 - 1277265 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1487.JPG 2010-05-31 07:42 - 2010-05-31 07:42 - 1272013 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1541.JPG 2010-06-06 09:18 - 2010-06-06 09:18 - 1263599 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1549.JPG 2010-06-06 09:20 - 2010-06-06 09:20 - 1301262 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1551.JPG 2010-06-06 09:22 - 2010-06-06 09:22 - 1306984 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1553.0 2010-06-06 09:22 - 2010-06-06 09:22 - 0547400 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1553.JPG 2010-06-06 09:23 - 2010-06-06 09:23 - 1309557 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1557.0 2010-06-06 09:23 - 2010-06-06 09:23 - 0473630 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1557.JPG 2010-06-06 09:25 - 2010-06-06 09:25 - 1267254 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1565.0 2010-06-06 09:25 - 2010-06-06 09:25 - 0594259 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1565.JPG 2010-06-06 09:27 - 2010-06-06 09:27 - 1339875 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1568.0 2010-06-06 09:27 - 2010-06-06 09:27 - 0520586 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1568.JPG 2010-06-06 09:29 - 2010-06-06 09:29 - 1280711 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1569.0 2010-06-06 09:29 - 2010-06-06 09:29 - 0518193 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1569.JPG 2010-06-06 09:30 - 2010-06-06 09:30 - 1274621 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1570.0 2010-06-06 09:30 - 2010-06-06 09:30 - 0599313 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1570.JPG 2010-06-06 09:32 - 2010-06-06 09:32 - 1304661 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1572.0 2010-06-06 09:32 - 2010-06-06 09:32 - 0564461 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1572.JPG 2010-06-06 09:33 - 2010-06-06 09:33 - 1300830 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1578.JPG 2010-08-22 20:39 - 2010-08-22 20:39 - 0121084 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1640.JPG 2010-08-22 20:44 - 2010-08-22 20:44 - 0117011 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1644.JPG 2010-08-22 20:41 - 2010-08-22 20:41 - 0117101 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1654.JPG 2010-08-30 11:06 - 2010-08-30 11:06 - 0122993 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1695.0 2010-08-30 11:06 - 2010-08-30 11:06 - 0060817 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1695.JPG 2010-09-06 18:15 - 2010-09-06 18:15 - 0124348 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1714.0 2010-09-06 18:15 - 2010-09-06 18:15 - 0108811 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1714.JPG 2010-09-06 18:22 - 2010-09-06 18:22 - 0118396 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1739.JPG 2010-09-06 18:20 - 2010-09-06 18:20 - 0118228 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1742.JPG 2010-09-06 18:21 - 2010-09-06 18:21 - 0114721 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1743.0 2010-09-06 18:21 - 2010-09-06 18:21 - 0041374 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1743.JPG 2010-09-06 18:19 - 2010-09-06 18:19 - 0118885 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1744.0 2010-09-06 18:19 - 2010-09-06 18:19 - 0045942 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1744.JPG 2010-09-07 12:21 - 2010-09-07 12:21 - 0120370 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1745.0 2010-09-07 12:21 - 2010-09-07 12:21 - 0052945 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1745.JPG 2010-09-07 12:24 - 2010-09-07 12:24 - 0114235 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1747.0 2010-09-07 12:24 - 2010-09-07 12:24 - 0040090 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1747.1 2010-09-07 12:24 - 2010-09-07 12:24 - 0041416 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1747.JPG 2010-10-03 18:18 - 2010-10-03 18:18 - 0119938 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1773.JPG 2010-12-19 18:29 - 2010-12-19 18:28 - 1293192 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1852.0 2010-12-19 18:29 - 2010-12-19 18:29 - 0614563 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1852.1 2010-12-19 18:29 - 2010-12-19 18:29 - 0614469 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1852.JPG 2010-12-19 18:27 - 2010-12-19 18:27 - 1280704 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1876.0 2010-12-19 18:27 - 2010-12-19 18:27 - 0580990 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1876.1 2010-12-19 18:27 - 2010-12-19 18:27 - 0580948 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1876.2 2010-12-19 18:27 - 2010-12-19 18:27 - 0580913 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1876.3 2010-12-19 18:27 - 2010-12-19 18:27 - 0580919 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1876.JPG 2010-12-24 22:15 - 2010-12-24 22:15 - 1305656 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1901.0 2010-12-24 22:15 - 2010-12-24 22:15 - 0567634 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1901.1 2010-12-24 22:16 - 2010-12-24 22:15 - 0567657 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1901.2 2010-12-24 22:16 - 2010-12-24 22:16 - 0567635 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1901.3 2010-12-24 22:16 - 2010-12-24 22:16 - 0567637 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1901.JPG 2010-12-24 22:14 - 2010-12-24 22:14 - 1277706 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1905.0 2010-12-24 22:14 - 2010-12-24 22:14 - 0599806 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1905.1 2010-12-24 22:14 - 2010-12-24 22:14 - 0599755 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1905.JPG 2011-01-07 00:56 - 2011-01-07 00:56 - 1284286 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1916.0 2011-01-07 00:56 - 2011-01-07 00:56 - 0611358 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1916.JPG 2011-02-05 01:04 - 2011-02-05 01:04 - 1306128 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1935.JPG 2011-02-05 01:06 - 2011-02-05 01:06 - 1310801 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1938.JPG 2011-02-05 01:07 - 2011-02-05 01:07 - 1283349 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1939.JPG 2011-02-05 01:09 - 2011-02-05 01:09 - 1268925 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1941.JPG 2011-02-05 01:10 - 2011-02-05 01:10 - 1267643 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1942.JPG 2011-02-05 01:11 - 2011-02-05 01:11 - 1284254 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1943.JPG 2011-02-05 01:13 - 2011-02-05 01:14 - 1301055 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1947.0 2011-02-05 01:14 - 2011-02-05 01:14 - 0466224 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1947.JPG 2011-02-05 01:15 - 2011-02-05 01:15 - 1293138 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1949.0 2011-02-05 01:15 - 2011-02-05 01:15 - 0472954 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1949.JPG 2011-02-05 01:16 - 2011-02-05 01:16 - 1259107 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1950.0 2011-02-05 01:17 - 2011-02-05 01:16 - 0437101 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1950.JPG 2011-02-05 01:17 - 2011-02-05 01:17 - 1282235 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1954.JPG 2011-02-05 01:19 - 2011-02-05 01:19 - 1308872 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1960.JPG 2011-02-13 17:34 - 2011-02-13 17:34 - 1271178 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1963.JPG 2011-02-13 17:35 - 2011-02-13 17:35 - 1276081 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1964.JPG 2011-02-13 17:36 - 2011-02-13 17:36 - 1279742 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1965.JPG 2011-02-13 17:42 - 2011-02-13 17:42 - 1292904 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1972.0 2011-02-13 17:42 - 2011-02-13 17:42 - 0595188 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1972.JPG 2011-02-15 22:00 - 2011-02-15 22:00 - 1294126 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1986.JPG 2011-02-24 22:24 - 2011-02-24 22:24 - 1307352 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1991.0 2011-02-24 22:24 - 2011-02-24 22:24 - 0549948 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1991.JPG 2011-03-06 17:46 - 2011-03-06 17:46 - 1318782 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF1997.JPG 2011-03-06 17:43 - 2011-03-06 17:43 - 1332932 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2002.0 2011-03-06 17:43 - 2011-03-06 17:43 - 0510210 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2002.JPG 2011-03-06 17:44 - 2011-03-06 17:44 - 1316416 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2003.JPG 2011-03-07 09:34 - 2011-03-07 09:33 - 1274890 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2004.0 2011-03-07 09:34 - 2011-03-07 09:34 - 0789483 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2004.JPG 2011-03-07 21:53 - 2011-03-07 21:53 - 1274885 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2005.JPG 2011-03-07 21:52 - 2011-03-07 21:52 - 1267421 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2010.JPG 2011-03-07 21:56 - 2011-03-07 21:56 - 1273974 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2011.JPG 2011-03-07 21:57 - 2011-03-07 21:57 - 1277302 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2013.JPG 2011-03-07 21:54 - 2011-03-07 21:54 - 1293404 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2017.JPG 2011-04-16 20:51 - 2011-04-16 20:51 - 1315581 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2025.JPG 2011-04-16 20:51 - 2011-04-16 20:51 - 1292080 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2026.JPG 2011-04-16 20:49 - 2011-04-16 20:49 - 1314801 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2035.0 2011-04-16 20:49 - 2011-04-16 20:49 - 0599006 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2035.JPG 2011-04-25 15:20 - 2011-04-25 15:20 - 1307596 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2112.JPG 2011-04-30 22:38 - 2011-04-30 22:38 - 1298066 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2136.JPG 2011-04-30 22:39 - 2011-04-30 22:39 - 1322262 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2138.JPG 2011-04-30 22:40 - 2011-04-30 22:40 - 1309634 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2139.JPG 2011-04-30 22:41 - 2011-04-30 22:41 - 1322904 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2140.JPG 2011-06-12 13:52 - 2011-06-12 13:52 - 1262679 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2169.JPG 2011-06-12 13:55 - 2011-06-12 13:55 - 1279366 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2177.JPG 2011-06-12 13:49 - 2011-06-12 13:49 - 1261334 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2180.JPG 2011-06-12 13:50 - 2011-06-12 13:50 - 1293257 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2182.JPG 2011-06-17 22:31 - 2011-06-17 22:31 - 1321172 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2183.0 2011-06-17 22:31 - 2011-06-17 22:31 - 0509959 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2183.JPG 2011-06-19 22:04 - 2011-06-19 22:04 - 0116703 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2187.JPG 2011-06-19 22:05 - 2011-06-19 22:05 - 0116082 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2190.JPG 2011-06-19 22:01 - 2011-06-19 22:01 - 0117748 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2193.JPG 2011-06-19 22:03 - 2011-06-19 22:03 - 0117035 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2197.JPG 2011-06-19 22:06 - 2011-06-19 22:06 - 0118663 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2200.JPG 2011-07-18 13:17 - 2011-07-18 13:17 - 0123013 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2229.0 2011-07-18 13:17 - 2011-07-18 13:17 - 0068474 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2229.JPG 2011-08-29 17:35 - 2011-08-29 17:35 - 0120964 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2385.JPG 2011-09-11 20:25 - 2011-09-11 20:25 - 0122540 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2393.JPG 2011-09-11 20:24 - 2011-09-11 20:24 - 0125335 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2395.JPG 2011-09-11 20:26 - 2011-09-11 20:26 - 0123971 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2398.JPG 2011-09-11 20:29 - 2011-09-11 20:29 - 0119387 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2405.JPG 2011-09-11 20:32 - 2011-09-11 20:32 - 0118672 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2421.JPG 2011-09-18 17:40 - 2011-09-18 17:40 - 1304426 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2449.JPG 2011-09-18 17:43 - 2011-09-18 17:43 - 1288406 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2458.JPG 2011-09-18 17:44 - 2011-09-18 17:44 - 1312647 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2459.JPG 2011-10-10 13:12 - 2011-10-10 13:12 - 1273619 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2582.JPG 2011-10-04 10:50 - 2011-10-04 10:50 - 1300377 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2616.0 2011-10-04 10:50 - 2011-10-04 10:50 - 0466372 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2616.JPG 2011-10-04 10:44 - 2011-10-04 10:44 - 1256158 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2623.0 2011-10-04 10:44 - 2011-10-04 10:44 - 0675864 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2623.JPG 2011-10-04 10:46 - 2011-10-04 10:46 - 1271643 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2625.0 2011-10-04 10:46 - 2011-10-04 10:47 - 1271643 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2625.JPG 2011-10-04 10:43 - 2011-10-04 10:43 - 1297844 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2629.0 2011-10-04 10:43 - 2011-10-04 10:43 - 0418412 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2629.JPG 2011-10-04 10:41 - 2011-10-04 10:41 - 1315743 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2632.0 2011-10-04 10:41 - 2011-10-04 10:41 - 0397200 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2632.JPG 2011-10-04 10:40 - 2011-10-04 10:40 - 1276351 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2633.JPG 2011-10-04 10:27 - 2011-10-04 10:27 - 1295723 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2654.0 2011-10-04 10:27 - 2011-10-04 10:27 - 0733257 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2654.JPG 2011-10-04 10:30 - 2011-10-04 10:30 - 1290307 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2655.0 2011-10-04 10:30 - 2011-10-04 10:30 - 0377537 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2655.JPG 2011-10-04 10:33 - 2011-10-04 10:33 - 1311450 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2658.JPG 2011-10-29 11:52 - 2011-10-29 11:52 - 1274442 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2812.0 2011-10-29 11:52 - 2011-10-29 11:52 - 0623965 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2812.JPG 2011-10-31 20:11 - 2011-10-31 20:11 - 1326983 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2817.JPG 2011-10-31 20:12 - 2011-10-31 20:12 - 1275600 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2819.JPG 2011-12-01 12:04 - 2011-12-01 12:04 - 1307556 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2829.0 2011-12-01 12:04 - 2011-12-01 12:04 - 0534391 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2829.JPG 2011-12-07 14:08 - 2011-12-07 14:08 - 1342024 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2837.0 2011-12-07 14:08 - 2011-12-07 14:08 - 0568931 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2837.JPG 2011-12-06 10:04 - 2011-12-06 10:04 - 1297713 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2843.0 2011-12-06 10:04 - 2011-12-06 10:04 - 0603624 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2843.JPG 2011-12-06 10:06 - 2011-12-06 10:06 - 1279630 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2845.0 2011-12-06 10:06 - 2011-12-06 10:06 - 0592591 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2845.JPG 2011-12-12 01:27 - 2011-12-12 01:27 - 1285879 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2945.JPG 2011-12-21 21:58 - 2011-12-21 21:58 - 1267066 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2964.JPG 2011-12-24 23:13 - 2011-12-24 23:13 - 1274787 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2968.JPG 2012-01-05 16:19 - 2012-01-05 16:19 - 1278695 _____ () C:\Users \Sinnfamily\AppData\Local \tmpDSCF2969.JPG 2011-04-13 10:47 - 2011-04-13 10:47 - 0119017 _____ () C:\Users \Sinnfamily\AppData\Local \tmpEPSON002.0 2011-04-13 10:47 - 2011-04-13 10:47 - 0141870 _____ () C:\Users \Sinnfamily\AppData\Local \tmpEPSON002.JPG 2011-04-14 18:15 - 2011-04-14 18:15 - 0208217 _____ () C:\Users \Sinnfamily\AppData\Local \tmpEPSON003[1].JPG 2011-03-11 18:43 - 2011-03-11 18:43 - 0947202 _____ () C:\Users \Sinnfamily\AppData\Local \tmpEXPO_004[1].JPG 2011-10-26 10:51 - 2011-10-26 10:51 - 0178994 _____ () C:\Users \Sinnfamily\AppData\Local\tmpGRAVE MARKER.0 2011-10-26 10:51 - 2011-10-26 10:51 - 0181324 _____ () C:\Users \Sinnfamily\AppData\Local\tmpGRAVE MARKER.1 2011-10-26 10:51 - 2011-10-26 10:51 - 0181741 _____ () C:\Users \Sinnfamily\AppData\Local\tmpGRAVE MARKER.JPG 2012-12-20 23:24 - 2012-12-20 23:24 - 0057715 _____ () C:\Users \Sinnfamily\AppData\Local \tmpHAPPYTAILS.JPG 2012-09-25 23:18 - 2012-09-25 23:18 - 2490355 _____ () C:\Users \Sinnfamily\AppData\Local \tmpHARVEY.JPG 2012-09-25 23:16 - 2012-09-25 23:16 - 0021924 _____ () C:\Users \Sinnfamily\AppData\Local \tmpHARVEYJ-2.0 2012-09-25 23:16 - 2012-09-25 23:16 - 0016735 _____ () C:\Users \Sinnfamily\AppData\Local \tmpHARVEYJ-2.JPG 2013-07-22 22:56 - 2013-07-22 22:56 - 0757371 _____ () C:\Users \Sinnfamily\AppData\Local \tmpHIBBING CABIN MAP030.0 2013-07-22 22:56 - 2013-07-22 22:56 - 1097356 _____ () C:\Users \Sinnfamily\AppData\Local \tmpHIBBING CABIN MAP030.1 2013-07-22 22:56 - 2013-07-22 22:56 - 1118480 _____ () C:\Users \Sinnfamily\AppData\Local \tmpHIBBING CABIN MAP030.JPG 2011-09-20 11:04 - 2011-09-20 11:04 - 0013259 _____ () C:\Users \Sinnfamily\AppData\Local \tmpHOWLOWEEN2006.JPG 2011-06-03 12:10 - 2011-06-03 12:10 - 5016602 _____ () C:\Users \Sinnfamily\AppData\Local \tmpIMG_8563.0 2011-06-03 12:10 - 2011-06-03 12:10 - 1152240 _____ () C:\Users \Sinnfamily\AppData\Local \tmpIMG_8563.JPG 2011-06-03 12:11 - 2011-06-03 12:11 - 4223711 _____ () C:\Users \Sinnfamily\AppData\Local \tmpIMG_8589.0 2011-06-03 12:11 - 2011-06-03 12:11 - 0861439 _____ () C:\Users \Sinnfamily\AppData\Local \tmpIMG_8589.JPG 2011-06-03 12:19 - 2011-06-03 12:19 - 4716362 _____ () C:\Users \Sinnfamily\AppData\Local \tmpIMG_9086.0 2011-06-03 12:19 - 2011-06-03 12:19 - 1043970 _____ () C:\Users \Sinnfamily\AppData\Local \tmpIMG_9086.JPG 2011-01-01 19:05 - 2011-01-01 19:05 - 1166454 _____ () C:\Users \Sinnfamily\AppData\Local \tmpJESSICA,JESSE, JD5.JPG 2011-01-01 19:06 - 2011-01-01 19:06 - 0012015 _____ () C:\Users \Sinnfamily\AppData\Local \tmpJESSICA,JESSE, JD5_CROP.0 2011-01-01 19:06 - 2011-01-01 19:06 - 0012013 _____ () C:\Users \Sinnfamily\AppData\Local \tmpJESSICA,JESSE, JD5_CROP.JPG 2012-12-22 22:46 - 2012-12-22 22:46 - 1395219 _____ () C:\Users \Sinnfamily\AppData\Local \tmpJOHNBUSH2.JPG 2010-06-14 19:28 - 2010-06-14 19:28 - 3366613 _____ () C:\Users \Sinnfamily\AppData\Local \tmpLOOKING+AT+YOU[1].0 2010-06-14 19:28 - 2010-06-14 19:28 - 0697527 _____ () C:\Users \Sinnfamily\AppData\Local \tmpLOOKING+AT+YOU[1].JPG 2010-02-03 20:14 - 2011-08-23 09:25 - 0011382 _____ () C:\Users \Sinnfamily\AppData\Local\tmpME AND TEUFEL.JPG 2010-05-29 22:01 - 2010-05-29 22:01 - 2076087 _____ () C:\Users \Sinnfamily\AppData\Local \tmpOUR_GIRL_MORGAN_MAY_2010 [1].0 2010-05-29 22:01 - 2010-05-29 22:01 - 0992653 _____ () C:\Users \Sinnfamily\AppData\Local \tmpOUR_GIRL_MORGAN_MAY_2010 [1].1 2010-05-29 22:01 - 2010-05-29 22:01 - 0982699 _____ () C:\Users \Sinnfamily\AppData\Local \tmpOUR_GIRL_MORGAN_MAY_2010 [1].2 2010-05-29 22:01 - 2010-05-29 22:01 - 1018182 _____ () C:\Users \Sinnfamily\AppData\Local \tmpOUR_GIRL_MORGAN_MAY_2010 [1].JPG 2012-08-08 12:24 - 2012-08-08 12:24 - 0222265 _____ () C:\Users \Sinnfamily\AppData\Local \tmpRICKSBASSETS07162012.JPG 2010-12-07 10:25 - 2010-12-07 10:25 - 2792446 _____ () C:\Users \Sinnfamily\AppData\Local \tmpSAM_0041[1].JPG 2010-12-07 10:27 - 2010-12-07 10:27 - 2724806 _____ () C:\Users \Sinnfamily\AppData\Local \tmpSAM_0042[1].JPG 2010-12-07 10:28 - 2010-12-07 10:28 - 2779611 _____ () C:\Users \Sinnfamily\AppData\Local \tmpSAM_0043[1].JPG 2013-02-21 23:45 - 2013-02-21 23:45 - 0305120 _____ () C:\Users \Sinnfamily\AppData\Local\tmpSIS FLYER.JPG 2011-09-20 09:12 - 2011-09-20 09:12 - 0078677 _____ () C:\Users \Sinnfamily\AppData\Local \tmpSIS.JPG 2012-12-02 12:34 - 2012-12-02 12:34 - 1372344 _____ () C:\Users \Sinnfamily\AppData\Local \tmpTEUFEL 7.0 2012-12-02 12:34 - 2012-12-02 12:34 - 0690494 _____ () C:\Users \Sinnfamily\AppData\Local \tmpTEUFEL 7.JPG 2011-08-01 18:25 - 2011-08-01 18:25 - 0089772 _____ () C:\Users \Sinnfamily\AppData\Local \tmpTEUFEL AT BASSETFEST.JPG 2010-09-13 23:27 - 2010-09-13 23:27 - 0121804 _____ () C:\Users \Sinnfamily\AppData\Local \tmpTEUFEL3[1].JPG 2011-03-17 13:03 - 2011-03-17 13:03 - 0076429 _____ () C:\Users \Sinnfamily\AppData\Local \tmpTUEFFLES.0 2011-03-17 13:03 - 2011-03-17 13:03 - 0042211 _____ () C:\Users \Sinnfamily\AppData\Local \tmpTUEFFLES.1 2011-03-17 13:03 - 2011-03-17 13:03 - 0044867 _____ () C:\Users \Sinnfamily\AppData\Local \tmpTUEFFLES.JPG 2013-08-09 10:57 - 2013-08-09 10:57 - 0331186 _____ () C:\Users \Sinnfamily\AppData\Local \tmpTYKE.JPG 2012-12-22 22:50 - 2012-12-22 22:50 - 2270875 _____ () C:\Users \Sinnfamily\AppData\Local \tmpUNITED NATIONS COMMAND SUPPORT GROUP.JPG 2011-09-20 09:12 - 2011-09-20 09:12 - 0115122 _____ () C:\Users \Sinnfamily\AppData\Local \tmpWELCOME FROM STONE MOUNTAIN.JPG 2010-02-13 21:07 - 2010-02-13 21:07 - 0022618 _____ () C:\Users \Sinnfamily\AppData\Local \tmpWHITE_BUTTERFLY_SNIFFER [1].JPG 2013-08-10 19:10 - 2013-08-10 19:10 - 0000000 _____ () C:\ProgramData \3b203d3a29333421252a593f31_c 2014-10-19 18:23 - 2014-10-19 18:23 - 0000057 _____ () C:\ProgramData \Ament.ini 2011-01-10 18:40 - 2011-01-10 18:40 - 0000056 ____H () C:\ProgramData \ezsidmv.dat Files to move or delete: ==================== C:\Users\Sinnfamily\jobq.dat Some files in TEMP: ==================== C:\Users\Sinnfamily\AppData\Local \Temp\DseShExt-x64.dll C:\Users\Sinnfamily\AppData\Local \Temp\DseShExt-x86.dll C:\Users\Sinnfamily\AppData\Local \Temp\SDShelEx-win32.dll C:\Users\Sinnfamily\AppData\Local \Temp\SDShelEx-x64.dll Some zero byte size files/folders: ======================= === C:\Windows\SysWOW64\conhost.exe C:\Windows\SysWOW64\csrss.exe C:\Windows\SysWOW64\dwm.exe C:\Windows\SysWOW64\lsass.exe C:\Windows\SysWOW64\lsm.exe C:\Windows\SysWOW64\nvvsvc.exe C:\Windows\SysWOW64\services.exe C:\Windows\SysWOW64\smss.exe C:\Windows\SysWOW64\spoolsv.exe C:\Windows\SysWOW64\taskhost.exe C:\Windows\SysWOW64\winlogon.exe C:\Windows \SysWOW64\WUDFHost.exe C:\Windows\System32\nvd3dum.dll C:\Windows\System32\nvwgf2um.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers \volsnap.sys => File is digitally signed LastRegBack: 2015-05-20 22:12 ==================== End of log Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21 -05-2015 Ran by Sinnfamily at 2015-05-22 16:13:39 Running from C:\Users\Sinnfamily \Downloads Boot Mode: Normal ======================= ======================= ============ ==================== Accounts: ======================= ====== Administrator (S-1-5-21-2643768202- 156854014-2583388340-500 - Administrator - Disabled) Guest (S-1-5-21-2643768202- 156854014-2583388340-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21- 2643768202-156854014-2583388340 -1002 - Limited - Enabled) Sinnfamily (S-1-5-21-2643768202- 156854014-2583388340-1001 - Administrator - Enabled) => C:\Users \Sinnfamily ==================== Security Center ======================= = (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131- 94903A54AD8B} AV: AVG Internet Security 2015 (Disabled - Up to date) {4D41356F- 32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44 -DA132C1ACF46} AS: AVG Internet Security 2015 (Disabled - Up to date) {F620D48B- 1497-73CC-F290-58052563BEAE} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81- AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acrobat.com (HKLM-x32\... \com.adobe.mauby.4875E02D9FB21E E389F73B8D1702B320485DF8CE.1) (Version: 2.3.0.0 - Adobe Systems Incorporated) Acrobat.com (x32 Version: 2.3.0 - Adobe Systems Incorporated) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM- x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) (HKLM- x32\...\{AC76BA86-7AD7-1033-7B44- AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.) Apple Application Support (HKLM- x32\...\{46F044A5-CE8B-4196-984E- 5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\... \{789A5B64-9DD9-4BA5-915A- F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Avast Free Antivirus (HKLM-x32\... \Avast) (Version: 10.2.2218 - AVAST Software) AVG 2015 (Version: 15.0.5941 - AVG Technologies) Hidden Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000- 0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Coupon Printer for Windows (HKLM- x32\...\Coupon Printer for Windows5.0.0.4) (Version: 5.0.0.4 - Coupons.com Incorporated) CyberLink DVD Suite Deluxe (HKLM- x32\...\InstallShield_{1FBF6C24- C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.) DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden Family Tree Maker 2011 (HKLM- x32\...\Family Tree Maker 2011) (Version: 20.0.379 - Ancestry.com) Family Tree Maker 2011 (x32 Version: 20.0.379 - Ancestry.com) Hidden FamilySearch Indexing 3.10.5 (HKLM-x32\...\0591-8077-9297-0833) (Version: 3.10.5 - FamilySearch) FamilySearch Linking 1.1.0 (HKLM- x32\...\0591-8077-9297-0833-1) (Version: 1.1.0 - FamilySearch) FUJIFILM MyFinePix Studio 2.0 (HKLM-x32\...\FinePix Genie_is1) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.) Google Talk Plugin (HKLM-x32\... \{CA3DD97D-1FD7-37A7-BD5C- FC4430C8B8E6}) (Version: 5.41.2.0 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Hardware Diagnostic Tools (HKLM\... \PC-Doctor for Windows) (Version: 6.0.5434.08 - PC-Doctor, Inc.) Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett- Packard Company) Hidden Homepage Protection (HKLM-x32\... \Homepage Protection) (Version: - AOL Products) HP Advisor (HKLM-x32\... \{40FB8D7C-6FF8-4AF2-BC8B- 0B1DB32AF04B}) (Version: 3.3.12286.3436 - Hewlett-Packard) HP ENVY 4500 series Basic Device Software (HKLM\...\{38A08516-1847- 43E4-8076-9540B60EC43B}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP ENVY 4500 series Help (HKLM- x32\...\{95BECC50-22B4-4FCA-8A2E- BF77713E6D3A}) (Version: 30.0.0 - Hewlett Packard) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent) HP MediaSmart Demo (HKLM-x32\... \{9DEF9686-CCB2-47B7-BF83- B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard) HP MediaSmart DVD (HKLM-x32\... \InstallShield_{DCCAD079-F92C- 44DA-B258-624FC6517A5A}) (Version: 3.0.3420 - Hewlett-Packard) HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_ {3023EBDA-BF1B-4831-B347- E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard) HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_ {B2EE25B9-5B00-4ACF-94F0- 92433C28C39E}) (Version: 3.1.3601 - Hewlett-Packard) HP MediaSmart SmartMenu (HKLM\... \{26280024-DFB7-4967-90DB- 7F9C6660D01E}) (Version: 3.0.28.2 - Hewlett-Packard) HP Odometer (HKLM-x32\... \{B8AC1A89-FFD1-4F97-8051- E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.16432 - HP) HP Product Detection (HKLM-x32\... \{A436F67F-687E-4736-BD2B- 537121A804CF}) (Version: 11.14.0001 - HP) HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.9.0 - TopSeed) HP Setup (HKLM-x32\...\{F3B912F5- EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett- Packard) HP Support Information (HKLM- x32\...\{B9A03B7B-E0FF-4FB3-BA83- 762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard) HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0- 4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett- Packard Company) HP Update (HKLM-x32\... \{912D30CF-F39E-4B31-AD9A- 123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Java 8 Update 45 (HKLM-x32\... \{26A24AE4-039D-4CA4-87B4- 2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) LabelPrint (HKLM-x32\... \InstallShield_{C59C179C-668D-49A9 -B6EA-0121CCFC1243}) (Version: 2.5.1901 - CyberLink Corp.) LabelPrint (x32 Version: 2.5.1901 - CyberLink Corp.) Hidden LightScribe System Software (HKLM- x32\...\{DD6C316A-FE75-4FBB-9D22- 4C1920232B72}) (Version: 1.18.5.1 - LightScribe) Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\... \Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD- 9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft IntelliPoint 8.2 (HKLM\... \Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation) Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version: - ) Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\... \{95120000-00AF-0409-0000- 0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\... \{D24DB8B9-BB6C-4334-9619- BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Silverlight (HKLM\... \{89F4137D-6C26-4A84-BDB8- 2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\... \{B6E3757B-5E77-3915-866A- CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\... \{770657D0-A123-3C07-8E44- 1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\... \{710f4c1c-cc18-4c49-8cbf- 51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add- 901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\... \{071c9b48-7c32-4621-a0ac- 3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\... \{ad8a2fa1-06e7-4b0d-927d- 6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\... \{EE936C7A-EA40-31D5-9B65- 8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\... \{002D9D5E-29BA-3E6D-9BC4- 3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\... \{8338783A-0968-3B85-AFC7- BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\... \{86CE85E6-DBAC-3FFD-B977- E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270- 8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E- 8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB- B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7- 3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB- 3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9 -BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06 -BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9 -88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM- x32\...\{F0C3E5D1-1ADE-321E-8167- 68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Works (HKLM-x32\... \{15BC8CD0-A65B-47D0-A2DD- 90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM- x32\...\{E3E71D07-CD27-46CB-8448- 16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla) Mozilla Maintenance Service (HKLM- x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM- x32\...\{86493ADD-824D-4B8E-BD72 -8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM- x32\...\{F662A8E6-F4DC-41A2-901E- 8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7128 - MyHeritage.com) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation) OpenOffice 4.1.0 (HKLM-x32\... \{C87EF11D-36E9-479D-9898- 7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation) PictureMover (HKLM-x32\... \{1896E712-2B3D-45eb-BCE9- 542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company) Power2Go (HKLM-x32\... \InstallShield_{40BF1E83-20EB-11D8 -97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.) Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden PowerDirector (HKLM-x32\... \InstallShield_{CB099890-1D5F-11D5 -9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.) PowerDirector (x32 Version: 7.0.3101 - CyberLink Corp.) Hidden PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden Product Improvement Study for HP ENVY 4500 series (HKLM\... \{3A5F6684-5FD8-4660-A4DA- BF60A20FCCFC}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) QuickTime 7 (HKLM-x32\... \{3D2CBC2C-65D4-4463-87AB- BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) RAF (HKLM-x32\...\{E6B43401-E818- 4961-AFED-118DD8E87642}) (Version: 1.00.0001 - FUJIFILM Corporation) RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA- 4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5882 - Realtek Semiconductor Corp.) Skype Toolbars (HKLM-x32\... \{B6CF2967-C81E-40C0-9815- C05774FEF120}) (Version: 5.3.7555 - Skype Technologies S.A.) Spybot - Search & Destroy (HKLM- x32\...\{B4092C6D-E886-4CB2-BA68- FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Uniblue RegistryBooster (HKLM- x32\...\{E63E34A7-E552-412B-9E40- FD6FC5227ABA}_is1) (Version: - Uniblue Systems Ltd) Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\... \{2FDBBCEA-62DB-45F4-B6E5- 0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.) Visual Studio 2008 x64 Redistributables (HKLM-x32\... \{FCDBEA60-79F0-4FAE-BBA8- 55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies) Visual Studio 2010 x64 Redistributables (HKLM\... \{21B133D6-5979-47F0-BE1C- F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) Visual Studio 2012 x64 Redistributables (HKLM\... \{8C775E70-A791-4DA8-BCC3- 6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\... \{98EFF19A-30AB-4E4B-B943- F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - ) Yahoo! Software Update (HKLM- x32\...\Yahoo! Software Update) (Version: - ) ==================== Custom CLSID (Whitelisted): ======================= === (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ======================= == 13-05-2015 03:00:38 Windows Update 19-05-2015 18:09:50 Windows Update 20-05-2015 09:37:59 Installed AVG PC TuneUp 2015 20-05-2015 16:44:33 AVG 2015 ==================== Hosts content: ======================= ======== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows \system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00DE05F7-C4C2-4461-B40C- 0CA9AEAFB3D7} - System32\Tasks \DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD \DVDAgent.exe [2009-10-20] (CyberLink Corp.) Task: {048B52EB-3E7E-4737-81C5- ACC489A6E904} - System32\Tasks \Microsoft_Hardware_Launch_IPoint_ exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation) Task: {0D301EBB-5114-4655-8904- 9DE15036F3C8} - System32\Tasks \Hewlett-Packard\HP Support Assistant \WarrantyChecker_DeviceScan => C: \Program Files (x86)\Hewlett-Packard \HP Support Framework\Resources \HPWarrantyCheck \HPWarrantyChecker.exe [2015-04- 14] (Hewlett-Packard) Task: {17B83FB2-BD08-4668-BBA5- 1E0D76ADCB97} - System32\Tasks \Microsoft\Windows\Setup\gwx \launchtrayprocess => C:\Windows \system32\GWX\GWX.exe [2015-05- 07] (Microsoft Corporation) Task: {2B1C0F13-4C81-4717-B976- 9DE922CB21F4} - System32\Tasks \Apple\AppleSoftwareUpdate => C: \Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011- 06-01] (Apple Inc.) Task: {36D38275-813C-4788-B1AB- 3779C3F2F598} - System32\Tasks \GoogleUpdateTaskMachineUA => C: \Program Files (x86)\Google\Update \GoogleUpdate.exe [2014-10-18] (Google Inc.) Task: {5B105DDE-C5D1-42E9-A71A- B1D20E9FCB26} - System32\Tasks \FreeFileViewerUpdateChecker => C: \Program Files (x86)\FreeFileViewer \FFVCheckForUpdates.exe <==== ATTENTION Task: {6267E7E9-9D6A-41CA-A45C- EC8E2D68322B} - System32\Tasks \GoogleUpdateTaskUserS-1-5-21- 2643768202-156854014-2583388340 -1001Core => C:\Users\Sinnfamily \AppData\Local\Google\Update \GoogleUpdate.exe [2014-10-22] (Google Inc.) Task: {6ACE0257-90C2-433B-9293- A8913B336AFB} - System32\Tasks \RealUpgradeScheduledTaskS-1-5-21 -2643768202-156854014-2583388340 -1001 => C:\Program Files (x86)\Real\RealUpgrade \RealUpgrade.exe Task: {6E4E334F-75C0-46E8-81FE- 2243052EC701} - System32\Tasks \PCDRScheduledMaintenance => C: \Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-07- 02] (PC-Doctor, Inc.) Task: {726F081B-293C-4B46-8725- F09B51D31EC8} - \ProgramRefresh- ATFST No Task File <==== ATTENTION Task: {72B810CC-FF0E-4D5E-A275- 971FD7D12A79} - System32\Tasks \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {7B4207E6-F2CF-45C3-BE5B- 742E3CAC74BD} - System32\Tasks \Adobe Flash Player Updater => C: \Windows\SysWOW64\Macromed \Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated) Task: {8D9E64D7-9597-4BFE-BFFB- 66505B2C918F} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations \Communicator.exe [2014-12-31] () Task: {917BB944-4725-4B52-A174- A2ABC541FCF6} - System32\Tasks \GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google \Update\GoogleUpdate.exe [2014-10 -18] (Google Inc.) Task: {922ECA91-B0D0-4F5E-9E67- 09CAA18910A8} - System32\Tasks \{95EEF560-9095-4226-A149- 6BC6A070B950} => C:\Program Files (x86)\iWin Games\iWinGames.exe Task: {92F47BF9-5F86-45CD-8F3F- 64C84078CC81} - System32\Tasks \Microsoft\Windows\Setup\gwx \refreshgwxconfig => C:\Windows \system32\GWX \GWXConfigManager.exe [2015-05- 07] (Microsoft Corporation) Task: {98B4F376-E5F1-4AB0-91B1- 0ABE576B94B1} - System32\Tasks \Google Update => C:\Users \Sinnfamily\AppData\Local\Google \Update\GoogleUpdate.exe [2014-10 -22] (Google Inc.) Task: {9C41A200-A3BC-4255-A88B- 9B094C22A07A} - System32\Tasks \Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20] (Adobe Systems Incorporated) Task: {9EB87832-63D6-47B0-AA08- D15DEE543D72} - System32\Tasks \RealUpgradeLogonTaskS-1-5-21- 2643768202-156854014-2583388340 -1001 => C:\Program Files (x86)\Real\RealUpgrade \RealUpgrade.exe Task: {A44BA7CF-38BA-4AD1-B970- 82B6530D3FC7} - System32\Tasks \Hewlett-Packard\HP Support Assistant \WarrantyChecker_CN47T1507X => C:\Program Files (x86)\Hewlett- Packard\HP Support Framework \Resources\HPWarrantyCheck \HPWarrantyChecker.exe [2015-04- 14] (Hewlett-Packard) Task: {B3D5A209-57D7-42F6-B758- 196D312C9C98} - System32\Tasks \Microsoft_Hardware_Launch_rundll3 2_exe => Rundll32.exe url.dll,OpenURL [URL]http://go.microsoft.com/fwlink/?[/URL] LinkId=116866 Task: {C0096E98-F13A-47F0-8A91- 66B0763601AF} - System32\Tasks \HPCeeScheduleForSinnfamily => C: \Program Files (x86)\Hewlett-Packard \HP Ceement\HPCEE.exe [2011-07- 15] (Hewlett-Packard) Task: {C8FF2829-6472-46F5-9C86- D0D000FA13BC} - System32\Tasks \Hewlett-Packard\HP Support Assistant\PC Health Analysis => C: \Program Files (x86)\Hewlett-Packard \HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {D273146D-2A8C-4339-9A6C- 9BBB18BDE05C} - System32\Tasks \RunAsStdUser Task => C:\Program Files (x86)\iWin Games \iWinGames.exe Task: {D5082955-084C-42C7-A1B3- 92418DAF3313} - System32\Tasks \Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013- 11-04] (Hewlett-Packard Company) Task: {DB23E848-922E-43C5-B7F1- B5FA7DADE589} - \ProgramUpdateCheck No Task File <==== ATTENTION Task: {DCA7AA00-2695-42E5-8448- 76A39D4A6B9E} - System32\Tasks \CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart \Media\Kernel\CLML\CLMLSvc.exe [2009-12-01] (CyberLink) Task: {E853C7A8-D1A1-4AF6-A451- 747EB0D00AC1} - System32\Tasks \GoogleUpdateTaskUserS-1-5-21- 2643768202-156854014-2583388340 -1001UA => C:\Users\Sinnfamily \AppData\Local\Google\Update \GoogleUpdate.exe [2014-10-22] (Google Inc.) Task: {EBD141B3-63E0-4A72-8E9C- DF3AB841FB16} - System32\Tasks \{47742B60-D7A2-424D-8371- 21724FCD2E7C} => C:\Program Files (x86)\Skype\\Phone\Skype.exe Task: {EDBB4BBF-2315-401E-BD70- 20E9ACAB5586} - System32\Tasks \Java Update Scheduler => C: \Program Files (x86)\Common Files \Java\Java Update\jusched.exe [2015 -04-10] (Oracle Corporation) Task: {F8D7255A-057C-4D5B-B371- 5DEDDE35203D} - System32\Tasks \Hewlett-Packard\HP Support Assistant\Update Check => C: \ProgramData\Hewlett-Packard\HP Support Framework\Resources \Updater7\HPSFUpdater.exe [2014- 05-12] (Hewlett-Packard Company) Task: {FA4F0B45-642B-4CEA-BAD2- 2808F9D8A5D9} - System32\Tasks\HP online update program => c: \Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard) Task: {FD855F12-7FA9-431D-8FD0- 621F646AB67E} - System32\Tasks \HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin \HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.) Task: {FDB407C0-6848-489E-9081- B52D1DB72EC6} - System32\Tasks \ROC_REG_JAN_DELETE => C: \ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] () Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows \SysWOW64\Macromed\Flash \FlashPlayerUpdateService.exe Task: C:\Windows\Tasks \FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer \FFVCheckForUpdates.exe <==== ATTENTION Task: C:\Windows\Tasks \GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google \Update\GoogleUpdate.exe Task: C:\Windows\Tasks \GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google \Update\GoogleUpdate.exe Task: C:\Windows\Tasks \GoogleUpdateTaskUserS-1-5-21- 2643768202-156854014-2583388340 -1001Core.job => C:\Users \Sinnfamily\AppData\Local\Google \Update\GoogleUpdate.exe Task: C:\Windows\Tasks \GoogleUpdateTaskUserS-1-5-21- 2643768202-156854014-2583388340 -1001UA.job => C:\Users\Sinnfamily \AppData\Local\Google\Update \GoogleUpdate.exe Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C: \ProgramData\HP Photo Creations \Communicator.exe Task: C:\Windows\Tasks \HPCeeScheduleForSinnfamily.job => C:\Program Files (x86)\Hewlett- Packard\HP Ceement\HPCEE.exe Task: C:\Windows\Tasks \PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe5-fh scripts\monthly.xml Task: C:\Windows\Tasks \ROC_REG_JAN_DELETE.job => C: \ProgramData\AVG January 2013 Campaign\ROC.exe ==================== Loaded Modules (Whitelisted) ============== 2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader \rndlresolversvc.exe 2015-05-20 18:26 - 2015-05-20 18:26 - 00104400 _____ () C:\Program Files \AVAST Software\Avast\log.dll 2015-05-20 18:26 - 2015-05-20 18:26 - 00081728 _____ () C:\Program Files \AVAST Software\Avast \JsonRpcServer.dll 2015-05-22 15:35 - 2015-05-22 15:35 - 02931200 _____ () C:\Program Files \AVAST Software\Avast\defs \15052201\algo.dll 2015-05-20 18:26 - 2015-05-20 18:26 - 40540672 _____ () C:\Program Files \AVAST Software\Avast\libcef.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C: \ProgramData\Temp:0B4227B4 AlternateDataStreams: C: \ProgramData\Temp:373E1720 AlternateDataStreams: C: \ProgramData\Temp:4A74A9A7 AlternateDataStreams: C: \ProgramData\Temp:6611AB82 AlternateDataStreams: C: \ProgramData\Temp:972E051C ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\skillsoft.com -> hxxp://support.skillsoft.com IE trusted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\usaa.com -> hxxps://[URL="http://www.usaa.com"]www.usaa.com[/URL] IE restricted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\008k.com -> [URL="http://www.008k.com"]www.008k.com[/URL] IE restricted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\00hq.com -> [URL="http://www.00hq.com"]www.00hq.com[/URL] IE restricted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\0scan.com -> [URL="http://www.0scan.com"]www.0scan.com[/URL] IE restricted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\1-2005-search.com -> [URL="http://www.1-2005-search.com"]www.1-2005-search.com[/URL] IE restricted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\1-domains-registrations.com -> [URL="http://www.1-domains-registrations.com"]www.1-domains-registrations.com[/URL] IE restricted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\1000gratisproben.com -> [URL="http://www.1000gratisproben.com"]www.1000gratisproben.com[/URL] IE restricted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\1001namen.com -> [URL="http://www.1001namen.com"]www.1001namen.com[/URL] IE restricted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\100sexlinks.com -> [URL="http://www.100sexlinks.com"]www.100sexlinks.com[/URL] IE restricted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\10sek.com -> [URL="http://www.10sek.com"]www.10sek.com[/URL] IE restricted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\123fporn.info -> [URL="http://www.123fporn.info"]www.123fporn.info[/URL] IE restricted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\123haustiereundmehr.com -> [URL="http://www.123haustiereundmehr.com"]www.123haustiereundmehr.com[/URL] IE restricted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\123moviedownload.com -> [URL="http://www.123moviedownload.com"]www.123moviedownload.com[/URL] IE restricted site: HKU\S-1-5-21- 2643768202-156854014-2583388340 -1001\...\123simsen.com -> [URL="http://www.123simsen.com"]www.123simsen.com[/URL] There are 7369 more restricted sites. ==================== Other Areas ======================= ===== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2643768202- 156854014-2583388340-1001\Control Panel\Desktop\\Wallpaper -> C: \Users\Sinnfamily\AppData\Roaming \Microsoft\Windows\Themes \TranscodedWallpaper.jpg DNS Servers: 173.225.144.10 - 173.225.144.70 ==================== MSCONFIG/TASK MANAGER Error getting == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows ^Start Menu^Programs^Startup^PictureMov er.lnk => C:\Windows\pss \PictureMover.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Sinnfamily^AppData^Roa ming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP ENVY 4500 series.lnk => C:\Windows\pss\Monitor Ink Alerts - HP ENVY 4500 series.lnk.Startup MSCONFIG\startupfolder: C:^Users^Sinnfamily^AppData^Roa ming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffic e.org 3.3.lnk => C:\Windows\pss \OpenOffice.org 3.3.lnk.Startup MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support \APSDaemon.exe" MSCONFIG\startupreg: ChristmasHolidayLaughs Search Scope Monitor => "C: \PROGRA~2\CHRIST~2\bar\1.bin \4msrchmn.exe" /m=2 /w /h MSCONFIG\startupreg: Family Tree Builder Update => C:\Program Files (x86)\MyHeritage\Bin \FTBCheckUpdates.exe MSCONFIG\startupreg: Google Update => "C:\Users\Sinnfamily \AppData\Local\Google\Update \GoogleUpdate.exe" /c MSCONFIG\startupreg: HP Remote Solution => %ProgramFiles% \Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe MSCONFIG\startupreg: HPADVISOR => C:\Program Files (x86)\Hewlett- Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett- packard\HP odometer\hpsysdrv.exe MSCONFIG\startupreg: IntelliPoint => "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows \system32\NvCpl.dll,NvStartup MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett- Packard\HP MediaSmart \SmartMenu.exe /background MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy \TeaTimer.exe MSCONFIG\startupreg: UpdatePRCShortCut => "C:\Program Files (x86)\Hewlett-Packard\Recovery \MUITransfer\MUIStartMenu.exe" "C: \Program Files (x86)\Hewlett-Packard \Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{862AFB70-51E0- 4527-A271-8089B56E8C4F}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector \PDR.EXE FirewallRules: [{C18F71C2-F36F- 4625-AB27-90EEB8D1E479}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart \Media\HPTouchSmartMusic.exe FirewallRules: [{385AA1C8-3FA9- 4B3B-BD9E-7367B718C947}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart \Media\HPTouchSmartPhoto.exe FirewallRules: [{AF8F13B3-F77D- 4B1A-A975-B0E42F3F829E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart \Media\HPTouchSmartVideo.exe FirewallRules: [{92E9E16B-95EC- 46F4-B8B4-D8B4C5855C30}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart \Media\TSMAgent.exe FirewallRules: [{FC56BC42-4EC5- 45EA-AC62-97E5A14B0D6F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart \Media\Kernel\CLML\CLMLSvc.exe FirewallRules: [{05E9270A-E3F2- 4A90-9AF9-0531E88870E4}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart \Media\HPTouchSmartMusic.exe FirewallRules: [{AC5E908D-A55B- 4F73-B15C-CFB0F6EBD26D}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart \Media\HPTouchSmartPhoto.exe FirewallRules: [{FA0AE581-0A66- 43A8-8CB7-EE5700994EE7}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart \Media\HPTouchSmartVideo.exe FirewallRules: [{2CC2996A-B44E- 4A2D-AE0C-D3C753CC0F22}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart \Media\TSMAgent.exe FirewallRules: [{ED0C4EDA-F45E- 4296-93BB-4D28D09994E2}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart \Media\Kernel\CLML\CLMLSvc.exe FirewallRules: [{2E4E8EDE-C9CE- 4343-8260-A16DE0E95A03}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD \HPDVDSmart.exe FirewallRules: [{764617C5-1D03- 4EEB-BB6D-7672F4F38A7B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support \WebKit2WebProcess.exe FirewallRules: [TCP Query User {994A22F0-68B9-4379-B5E1- 15A52E7F438D}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [UDP Query User {6B53A456-3420-4983-B732- CAD108778133}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [{43230E3A-F961- 4F8F-8602-AB42EFBEDA78}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources \HPWarrantyCheck \HPWarrantyChecker.exe FirewallRules: [TCP Query User {2AEFA044-16C5-4238-B681- 8418467C5584}C:\program files (x86)\hp\common \hpdevicedetection3.exe] => (Allow) C:\program files (x86)\hp\common \hpdevicedetection3.exe FirewallRules: [UDP Query User {091005CC-A496-4F92-9DA6- 417FD38247FB}C:\program files (x86)\hp\common \hpdevicedetection3.exe] => (Allow) C:\program files (x86)\hp\common \hpdevicedetection3.exe FirewallRules: [{8B135CC0-C6E0- 4069-B143-AD1F8F02841E}] => (Allow) C:\Program Files (x86)\FreeFileViewer \FFVCheckForUpdates.exe FirewallRules: [{A4B859C2-5460- 4CB6-928D-57A5938BE20C}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe FirewallRules: [{1DF73D99-F679- 4C80-93F8-B2A2ED120C2E}] => (Allow) LPort=5357 FirewallRules: [{C6EFD0B0-9F11- 4CDB-8D30-004DB350980F}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin \HPNetworkCommunicatorCom.exe FirewallRules: [TCP Query User {127708EF-BEB7-418B-B25C- B54170BF40A1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User {C9FF2BD2-15F0-499F-9022- 0D9509EBF9D3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{D3397118-8472- 4381-AC23-FF7ED3BD3CF1}] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{82CEA311-9153- 4A12-ADE0-5A2ED5A52AA3}] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{21183FC2-B84E- 4444-8F8D-D71894E4F72E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8C049D7F-3109- 4691-935E-FDD25D6565CA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{21BFE7F7-E7BC- 4CB6-89E4-12D8FBB42846}] => (Allow) C:\Program Files (x86)\AVG \AVG2015\avgnsa.exe FirewallRules: [{55C6E141-EDA0- 408D-8D7C-8C9686C535DB}] => (Allow) C:\Program Files (x86)\AVG \AVG2015\avgnsa.exe FirewallRules: [{D023B66A-0EC2- 406D-8FB7-32166B367688}] => (Allow) C:\Program Files (x86)\AVG \AVG2015\avgdiagex.exe FirewallRules: [{B38C3E4D-7DA4- 45F6-AA03-5F270DF6F79E}] => (Allow) C:\Program Files (x86)\AVG \AVG2015\avgdiagex.exe FirewallRules: [{C37D1B0D-989A- 4AB2-9D1D-B0F80D5A75B1}] => (Allow) C:\Program Files (x86)\AVG \AVG2015\avgmfapx.exe FirewallRules: [{D8FF93A6-3DE4- 40BC-947B-44A6A7A1CEE0}] => (Allow) C:\Program Files (x86)\AVG \AVG2015\avgmfapx.exe FirewallRules: [{31143E86-0CAB- 45BF-8A62-B10592C8D831}] => (Allow) C:\Program Files (x86)\AVG \AVG2015\avgemca.exe FirewallRules: [{FA2DB4C0-236C- 410E-8DB5-B7A4F3C1F6FA}] => (Allow) C:\Program Files (x86)\AVG \AVG2015\avgemca.exe FirewallRules: [{7133564D-8800- 4463-9B55-7C6DF7E54531}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources \HPWarrantyCheck \HPDeviceDetection3.exe ==================== Faulty Device Manager Devices ============= Name: qknfd Description: qknfd Class Guid: {8ECC055D-047F-11D1- A537-0000F8753ED1} Manufacturer: Service: qknfd Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ======================= == Application errors: ================== Error: (05/22/2015 04:14:21 PM) (Source: SDWinSec.exe) (EventID: 0) (User: ) Description: Class not registered Error: (05/22/2015 04:13:21 PM) (Source: SDWinSec.exe) (EventID: 0) (User: ) Description: Class not registered Error: (05/22/2015 04:12:21 PM) (Source: SDWinSec.exe) (EventID: 0) (User: ) Description: Class not registered Error: (05/22/2015 04:11:21 PM) (Source: SDWinSec.exe) (EventID: 0) (User: ) Description: Class not registered Error: (05/22/2015 04:10:22 PM) (Source: SDWinSec.exe) (EventID: 0) (User: ) Description: Class not registered Error: (05/22/2015 04:10:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY) Description: Windows cannot load classes registry file. DETAIL - Unspecified error Error: (05/22/2015 04:07:43 PM) (Source: SDWinSec.exe) (EventID: 0) (User: ) Description: Class not registered Error: (05/22/2015 04:06:43 PM) (Source: SDWinSec.exe) (EventID: 0) (User: ) Description: Class not registered Error: (05/22/2015 04:05:43 PM) (Source: SDWinSec.exe) (EventID: 0) (User: ) Description: Class not registered Error: (05/22/2015 04:04:43 PM) (Source: SDWinSec.exe) (EventID: 0) (User: ) Description: Class not registered System errors: ============= Error: (05/22/2015 04:09:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: qknfd Error: (05/22/2015 04:09:20 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The AVGIDSAgent service terminated with service-specific error %%-536753637. Error: (05/22/2015 03:55:44 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: qknfd Error: (05/22/2015 03:55:42 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The AVGIDSAgent service terminated with service-specific error %%-536753637. Error: (05/22/2015 04:36:15 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: qknfd Error: (05/22/2015 04:36:14 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The AVGIDSAgent service terminated with service-specific error %%-536753637. Error: (05/21/2015 04:38:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. Error: (05/21/2015 07:49:17 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. Error: (05/20/2015 07:38:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: qknfd Error: (05/20/2015 07:38:37 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The AVGIDSAgent service terminated with service-specific error %%-536753637. Microsoft Office: ======================= == Error: (05/22/2015 04:14:21 PM) (Source: SDWinSec.exe) (EventID: 0) (User: ) Description: Class not registered Error: (05/22/2015 04:13:21 PM) (Source: SDWinSec.exe) (EventID: 0) (User: ) Description: Class not registered Error: (05/22/2015 04:12:21 PM) (Source: SDWinSec.exe) (EventID: 0) (User: ) Description: Class not registered Error: (05/22/2015 04:11:21 PM) (Source: SDWinSec.exe) (EventID: 0) (User: ) Description: Class not registered Error: (05/22/2015 04:10:22 PM) (Source: SDWinSec.exe) (EventID: 0) (User: ) Description: Class not registered Error: (05/22/2015 04:10:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY) Description: Unspecified error Error: (05/22/2015 04:07:43 PM) (Source: SDWinSec.exe) (EventID: 0) (User: ) Description: Class not registered Error: (05/22/2015 04:06:43 PM) (Source: SDWinSec.exe) (EventID: 0) (User: ) Description: Class not registered Error: (05/22/2015 04:05:43 PM) (Source: SDWinSec.exe) (EventID: 0) (User: ) Description: Class not registered Error: (05/22/2015 04:04:43 PM) (Source: SDWinSec.exe) (EventID: 0) (User: ) Description: Class not registered ==================== Memory info ======================= ==== Processor: AMD Athlon(tm) II X4 620 Processor Percentage of memory in use: 22% Total physical RAM: 7935.23 MB Available physical RAM: 6179.55 MB Total Pagefile: 15868.68 MB Available Pagefile: 14012.87 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ======================= ========= Drive c: (HP) (Fixed) (Total:584.07 GB) (Free:513.39 GB) NTFS Drive d: (FACTORY_IMAGE) (Fixed) (Total:12 GB) (Free:2.18 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: (Pictures) (CDROM) (Total:0.69 GB) (Free:0.08 GB) UDF ==================== MBR & Partition Table ================== ======================= ======================= ========== Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=584.1 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=12 GB) - (Type=07 NTFS) ==================== End of log ======================= ===== ======================= ===== [/QUOTE]
Insert quotes…
Verification
Post reply
Top