Virus/Malware Infection [Solved]



#1
jt4211

  • Member
  • 39 posts

Started getting multiple dllhost.exe's running and am turning here for help via the Norton Community Malware Removal forum. Please find attached log files.

 

Thanks!



#2
ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts

Greetings jt4211 and welcome!

Thanks for the logs you have attached; they are very helpful, and I have had a look through to see what we are dealing with. I do, however, need a more thorough scan with the tool identified below.


My nickname is Ruggie and I will be assisting you in cleaning your computer.
Please be aware I am currently in the final stages of training right now and all my work will be checked by an instructor so there may be a slight delay between posts. The added benefit to this is that you will have 2 sets of eyes looking at your problem so you can be assured you will get the best possible help.

  • Malware removal can be a long process and will at times get complicated with multiple steps to perform to ensure that your system is no longer infected.
  • When we start the process, the list of instructions must be followed closely. It may seem difficult at times, but it is important that you stay with me until your computer is declared clean.
  • If you are receiving help elsewhere, please let me know so we can close this thread and help someone else.

Before going any further, I recommend that you print out (or save to a file) these guidelines and also the instructions when I post them, as part of the repair process may involve going into safe mode and therefore you will not have internet access.

The following guidelines are important but the ones highlighted in RED are of the highest importance and must not be skipped.

  • Please be aware, the fixes we perform are specific to this machine, at this moment in time. They must not be used on another computer or unsupervised at another time. This can render your computer unbootable.
  • If at all possible, make backups of all your important files. Whilst we will do our best to ensure that no files are lost or damaged, sometimes things can go wrong.
  • I will do everything in my power to ensure that this clean is successful, but occasionally failure hits us all. In this event, please have your original installation disks to hand and be prepared to have to format and reinstall your computer.
  • Refrain from using any tool that hasn't been instructed as it could alter the process that we are working through and cause further problems. Also only use the tools I instruct in the manner provided as they are very powerful and if not used properly can cause even more problems. It is best if you can avoid using the computer at all, apart from to perform the cleaning steps to ensure that any infections aren't spread.
  • Please stick with me until the end. Malware removal is difficult and time consuming. We have to analyse hundreds of lines in log files. This takes time which we give freely so I ask that you do us the courtesy of seeing it through.
  • Only paste the contents of log files into your reply, DO NOT attach any log files unless requested to do so.
  • If you have any questions or get stuck, stop and ask. I am here to help you make this go as smoothly as possible.
  • If you do not reply within 3 days, your topic will be closed. It can be reopened if you ask. But if you plan on being gone for a longer period, just let me know and I will hold it open for you.

Ready? Now let's get to work

Initial FRST Scan

Please download Farbar Recovery Scan Tool and save it to your Desktop. There will be 2 versions offered. If you know which version is the one you need, download that one; if not, download both. Only one will work on your computer, and that is the one you need.

  • Right click the FRST icon to run as administrator. Windows 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • When the tool opens click Yes to the disclaimer.
  • Ensure that the following are ticked:

Drivers MD5
Addition.txt

  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • This will also generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Items I need to see in your next post:

  • FRST and Addition Log
     


#3
ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts

Can I just make an extra reminder point to paste the contents of your log files into the post and not attach files please.

When we are working with log files, it makes things easier when it is not in a separate file.

Thanks



#4
jt4211

  • Topic Starter
  • Member
  • 39 posts

ruggie -  Thanks so much for the assistance. Please find pasted contents of the log files requested:

 

FRST.TXT

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by TeamTkac (administrator) on TEAMTKAC-PC on 10-11-2014 18:53:26
Running from C:\Users\TeamTkac\Desktop
Loaded Profile: TeamTkac (Available profiles: TeamTkac)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (All) =========================
(Microsoft Corporation) C:\Windows\System32\smss.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\wininit.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\services.exe
(Microsoft Corporation) C:\Windows\System32\lsass.exe
(Microsoft Corporation) C:\Windows\System32\lsm.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\winlogon.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\spoolsv.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnetwk.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\taskhost.exe
(Microsoft Corporation) C:\Windows\System32\taskeng.exe
(Microsoft Corporation) C:\Windows\System32\dwm.exe
(Microsoft Corporation) C:\Windows\explorer.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\iexplore.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_167_ActiveX.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\iexplore.exe
(Google Inc.) C:\Users\TeamTkac\AppData\Local\Google\Update\GoogleUpdate.exe
(Farbar) C:\Users\TeamTkac\Desktop\FRST64.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe

==================== Registry (All) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [167704 2011-06-20] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [392472 2011-06-20] (Intel Corporation)
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [416024 2011-06-20] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-23] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-06-30] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [YMailAdvisor] => C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe [174424 2009-05-08] (Yahoo! Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-29] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [30720 2010-11-20] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] Explorer.exe [2871808 2011-07-14] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [2616320 2011-07-14] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoDrives] 0
HKU\S-1-5-21-563202287-1717114301-743867805-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-07-10] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-563202287-1717114301-743867805-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-10-13] (Glarysoft Ltd)
HKU\S-1-5-21-563202287-1717114301-743867805-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-07-14] (Google Inc.)
HKU\S-1-5-21-563202287-1717114301-743867805-1000\...\Run: [Ihrsoft] => regsvr32.exe C:\Users\TeamTkac\AppData\Local\Ihrsoft\AsusDevinf32.dll <===== ATTENTION
HKU\S-1-5-21-563202287-1717114301-743867805-1000\...\Run: [Egqtion] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\TeamTkac\AppData\Local\Ascbworks\QSCEula.dll
HKU\S-1-5-21-563202287-1717114301-743867805-1000\...\Policies\system: [DisableRegistryTools] 0
HKU\S-1-5-21-563202287-1717114301-743867805-1000\...\Policies\system: [DisableTaskMgr] 0
HKU\S-1-5-21-563202287-1717114301-743867805-1000\...\Policies\Explorer: [NoDrives] 0
HKU\S-1-5-21-563202287-1717114301-743867805-1000\...A8F59079A8D5}\localserver32:  <==== ATTENTION!
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-07-10] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  No File
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  No File
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\TeamTkac\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\TeamTkac\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\TeamTkac\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\system32\EhStorShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\system32\ntshrui.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\TeamTkac\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\TeamTkac\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\TeamTkac\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\SysWOW64\EhStorShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\SysWOW64\ntshrui.dll (Microsoft Corporation)
BootExecute: autocheck autochk *  BootDefrag.exeaswBoot.exe /M:36ed1337 /wow /dir:C:\Program
AlternateShell: cmd.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-563202287-1717114301-743867805-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (All) ===========================

HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
URLSearchHook: HKCU - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKCU - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
HKU\S-1-5-21-563202287-1717114301-743867805-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co...g}&sourceid=ie7
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co...g}&sourceid=ie7
SearchScopes: HKLM-x32 - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co...g}&sourceid=ie7
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co...1I7ADFA_enUS508
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co...1I7ADFA_enUS508
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-563202287-1717114301-743867805-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.11.0.cab
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation)
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll (Microsoft Corporation)
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation)
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} -  No File
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} -  No File
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} -  No File
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
Handler-x32: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter-x32: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Winsock: Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Winsock: Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog5-x64 01 %SystemRoot%\system32\NLAapi.dll [70656] (Microsoft Corporation)
Winsock: Catalog5-x64 02 %SystemRoot%\system32\napinsp.dll [68096] (Microsoft Corporation)
Winsock: Catalog5-x64 03 %SystemRoot%\system32\pnrpnsp.dll [86016] (Microsoft Corporation)
Winsock: Catalog5-x64 04 %SystemRoot%\system32\pnrpnsp.dll [86016] (Microsoft Corporation)
Winsock: Catalog5-x64 05 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog5-x64 06 %SystemRoot%\System32\winrnr.dll [28672] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
Winsock: Catalog5-x64 09 %SystemRoot%\system32\wshbth.dll [47104] (Microsoft Corporation)
Winsock: Catalog5-x64 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
Winsock: Catalog9-x64 01 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 02 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 03 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 04 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 05 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 06 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 07 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 08 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 09 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 10 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 11 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75

FireFox:
========
FF ProfilePath: C:\Users\TeamTkac\AppData\Roaming\Mozilla\Firefox\Profiles\hznau090.default
FF DefaultSearchUrl: https://www.google.com/search
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: https://www.google.com/search
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @ei.MarineAquarium3Free_57.com/Plugin -> C:\Program Files (x86)\MarineAquarium3Free_57EI\Installr\1.bin\NP57EISB.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-563202287-1717114301-743867805-1000: @tools.google.com/Google Update;version=3 -> C:\Users\TeamTkac\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-563202287-1717114301-743867805-1000: @tools.google.com/Google Update;version=9 -> C:\Users\TeamTkac\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\TeamTkac\AppData\Roaming\Mozilla\Firefox\Profiles\hznau090.default\searchplugins\Google.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bing.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\google.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\twitter.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo.xml
FF Extension: MEGA - C:\Users\TeamTkac\AppData\Roaming\Mozilla\Firefox\Profiles\hznau090.default\Extensions\[email protected] [2013-11-27]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013-12-21]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-11-26]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-06-02]
FF HKLM-x32\...\Mozilla Firefox 26.0\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components
FF HKLM-x32\...\Mozilla Firefox 26.0\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\plugins [2013-12-21]
FF StartMenuInternet: FIREFOX.EXE - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

Chrome:
=======
CHR Profile: C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-09]
CHR Extension: (Google Drive) - C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-09]
CHR Extension: (YouTube) - C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-09]
CHR Extension: (Google Search) - C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-09]
CHR Extension: (avast! Online Security) - C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-09]
CHR Extension: (Google Wallet) - C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-07]

==================== Services (All) ========================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64704 2014-09-04] (Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440 2014-09-24] (Adobe Systems Incorporated)
S3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-13] (Microsoft Corporation)
R3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-13] (Microsoft Corporation)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2014-08-18] (Microsoft Corporation)
R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2013-02-27] (Microsoft Corporation)
R2 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-02-12] (Apple Inc.)
S3 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [51808 2013-09-11] (Microsoft Corporation)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [105120 2011-09-16] (Atheros Commnucations) [File not signed]
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [679424 2014-07-06] (Microsoft Corporation)
R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [679424 2014-07-06] (Microsoft Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-07] (AVAST Software)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-20] (Microsoft Corporation)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-13] (Microsoft Corporation)
R2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-20] (Microsoft Corporation)
R3 BITS; C:\Windows\system32\qmgr.dll [849920 2010-11-20] (Microsoft Corporation)
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.)
R3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-04] (Microsoft Corporation)
S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-13] (Microsoft Corporation)
S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [67224 2014-03-20] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [105144 2013-09-11] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2013-09-11] (Microsoft Corporation)
S3 COMSysApp; C:\Windows\system32\dllhost.exe [9728 2009-07-13] (Microsoft Corporation)
S3 COMSysApp; C:\Windows\SysWOW64\dllhost.exe [7168 2009-07-13] (Microsoft Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [187904 2014-07-06] (Microsoft Corporation)
R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [143872 2014-07-06] (Microsoft Corporation)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-13] (Microsoft Corporation)
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-20] (Microsoft Corporation)
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2011-07-14] (Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-20] (Microsoft Corporation)
R2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-20] (Microsoft Corporation)
R2 DsiWMIService; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [353360 2011-06-30] (Dritek System Inc.)
R3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-13] (Microsoft Corporation)
R2 EFS; C:\Windows\System32\lsass.exe [31232 2014-04-11] (Microsoft Corporation)
S3 EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [173424 2011-06-21] (Egis Technology Inc. )
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-20] (Microsoft Corporation)
S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-13] (Microsoft Corporation)
R2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [872552 2011-08-02] (Acer Incorporated)
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-20] (Microsoft Corporation)
R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-13] (Microsoft Corporation)
R2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-13] (Microsoft Corporation)
S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-20] (Microsoft Corporation)
R3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-13] (Microsoft Corporation)
R2 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-13] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [655624 2011-10-07] (Acresso Software Inc.)
R2 FontCache; C:\Windows\system32\FntCache.dll [1175552 2013-01-13] (Microsoft Corporation)
S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-20] (Microsoft Corporation)
R3 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438104 2014-07-10] (Garmin Ltd or its subsidiaries)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [777728 2010-11-20] (Microsoft Corporation)
R2 GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [36456 2011-05-29] (Acer Incorporated)
S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176 2012-07-14] (Google Inc.)
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176 2012-07-14] (Google Inc.)
S3 gusvc; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2012-08-15] (Google)
S3 hidserv; C:\Windows\System32\hidserv.dll [38912 2009-07-13] (Microsoft Corporation)
S3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-13] (Microsoft Corporation)
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-20] (Microsoft Corporation)
R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-20] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-20] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2010-11-20] (Microsoft Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett-Packard Co.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [13336 2011-01-12] (Intel Corporation)
S3 idsvc; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [859280 2014-06-30] (Microsoft Corporation)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2014-09-18] (Microsoft Corporation)
R2 IKEEXT; C:\Windows\System32\ikeext.dll [859648 2013-10-11] (Microsoft Corporation)
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-13] (Microsoft Corporation)
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation)
S3 iPod Service; C:\Program Files\iPod\bin\iPodService.exe [641352 2014-05-26] (Apple Inc.)
R3 KeyIso; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation)
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-13] (Microsoft Corporation)
R2 LanmanServer; C:\Windows\System32\srvsvc.dll [236032 2010-11-20] (Microsoft Corporation)
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-20] (Microsoft Corporation)
R2 Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [255376 2012-04-05] (Acer Incorporated)
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-13] (Microsoft Corporation)
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-13] (Microsoft Corporation)
R2 LMS; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [326168 2011-02-01] (Intel Corporation)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-20] (Microsoft Corporation)
S2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [119408 2013-12-21] (Mozilla Foundation)
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [828416 2010-11-20] (Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-13] (Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-13] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [128000 2010-11-20] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2010-11-20] (Microsoft Corporation)
S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-20] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation)
R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-13] (Microsoft Corporation)
S4 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation)
S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation)
R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-13] (Microsoft Corporation)
R3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-13] (Microsoft Corporation)
S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [303104 2012-10-03] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-13] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-23] (NTI Corporation)
S3 ose64; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [178760 2014-01-23] (Microsoft Corporation)
S2 osppsvc; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [5132888 2012-10-01] (Microsoft Corporation)
R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
R3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-13] (Microsoft Corporation)
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [188416 2014-07-06] (Microsoft Corporation)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-13] (Microsoft Corporation)
S3 pla; C:\Windows\system32\pla.dll [1389056 2010-11-20] (Microsoft Corporation)
S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2010-11-20] (Microsoft Corporation)
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2011-05-24] (Microsoft Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474168 2012-04-22] (Sony Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-13] (Microsoft Corporation)
R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [501248 2010-11-20] (Microsoft Corporation)
R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-13] (Microsoft Corporation)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [209920 2012-05-01] (Microsoft Corporation)
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation)
S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-13] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-13] (Microsoft Corporation)
R3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-20] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-13] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-13] (Microsoft Corporation)
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-13] (Microsoft Corporation)
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-13] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-13] (Microsoft Corporation)
R2 RpcSs; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation)
R2 SamSs; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation)
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-13] (Microsoft Corporation)
R2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2010-11-20] (Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation)
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-20] (Microsoft Corporation)
R2 seclogon; C:\Windows\system32\seclogon.dll [30720 2010-11-20] (Microsoft Corporation)
R2 SENS; C:\Windows\system32\sens.dll [64512 2009-07-13] (Microsoft Corporation)
R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-13] (Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-13] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-20] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [113664 2010-11-20] (Microsoft Corporation)
R2 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-13] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-20] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation)
S2 SkypeUpdate; C:\Program Files (x86)\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-13] (Microsoft Corporation)
R2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2012-02-11] (Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-20] (Microsoft Corporation)
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-13] (Microsoft Corporation)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-13] (Microsoft Corporation)
R3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-13] (Microsoft Corporation)
S2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-20] (Microsoft Corporation)
S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-13] (Microsoft Corporation)
R2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2010-11-20] (Microsoft Corporation)
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-20] (Microsoft Corporation)
R3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-20] (Microsoft Corporation)
R3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation)
S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-13] (Microsoft Corporation)
S3 TermService; C:\Windows\System32\termsrv.dll [681984 2014-07-16] (Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-13] (Microsoft Corporation)
S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-13] (Microsoft Corporation)
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-20] (Microsoft Corporation)
S3 TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [149504 2010-11-29] (Intel® Corporation)
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-13] (Microsoft Corporation)
R2 UNS; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2656280 2011-02-01] (Intel Corporation)
R3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-13] (Microsoft Corporation)
R3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-13] (Microsoft Corporation)
R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-13] (Microsoft Corporation)
S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation)
S3 vds; C:\Windows\System32\vds.exe [533504 2010-11-20] (Microsoft Corporation)
S3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-20] (Microsoft Corporation)
S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-13] (Microsoft Corporation)
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2011-11-27] (Microsoft Corporation)
S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-20] (Microsoft Corporation)
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-13] (Microsoft Corporation)
R3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-20] (Microsoft Corporation)
R3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-13] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2009-07-13] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [90624 2009-07-13] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-13] (Microsoft Corporation)
S3 WdiSystemHost; C:\Windows\system32\wdi.dll [90624 2009-07-13] (Microsoft Corporation)
S3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-13] (Microsoft Corporation)
S3 WebClient; C:\Windows\System32\webclnt.dll [259584 2013-07-04] (Microsoft Corporation)
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [205824 2013-07-04] (Microsoft Corporation)
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-13] (Microsoft Corporation)
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-13] (Microsoft Corporation)
S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-13] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [444416 2010-11-20] (Microsoft Corporation)
S3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [351232 2010-11-20] (Microsoft Corporation)
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-13] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2018304 2010-11-20] (Microsoft Corporation)
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1175040 2010-11-20] (Microsoft Corporation)
R2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-13] (Microsoft Corporation)
S4 wlcrasvc; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [57184 2010-09-22] (Microsoft Corporation)
S3 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corp.)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-13] (Microsoft Corporation)
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-20] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-13] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-13] (Microsoft Corporation)
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-20] (Microsoft Corporation)
R2 wscsvc; C:\Windows\system32\wscsvc.dll [97280 2009-07-13] (Microsoft Corporation)
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2011-05-04] (Microsoft Corporation)
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [427520 2011-05-03] (Microsoft Corporation)
R2 wuauserv; C:\Windows\system32\wuaueng.dll [2477536 2014-05-14] (Microsoft Corporation)
S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-25] (Microsoft Corporation)
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [228864 2014-01-27] (Microsoft Corporation)
R2 YahooAUService; C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe [602392 2008-11-09] (Yahoo! Inc.)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-10] (Atheros) [File not signed]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]

==================== Drivers (All) ==========================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-20] (Microsoft Corporation)
R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-20] (Microsoft Corporation)
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-20] (Microsoft Corporation)
S3 adp94xx; C:\Windows\system32\drivers\adp94xx.sys [491088 2009-07-13] (Adaptec, Inc.)
S3 adpahci; C:\Windows\system32\drivers\adpahci.sys [339536 2009-07-13] (Adaptec, Inc.)
S3 adpu320; C:\Windows\system32\drivers\adpu320.sys [182864 2009-07-13] (Adaptec, Inc.)
R1 AFD; C:\Windows\system32\drivers\afd.sys [497152 2014-05-30] (Microsoft Corporation)
S3 agp440; C:\Windows\system32\drivers\agp440.sys [61008 2009-07-13] (Microsoft Corporation)
S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-13] (Acer Laboratories Inc.)
S3 amdide; C:\Windows\system32\drivers\amdide.sys [15440 2009-07-13] (Microsoft Corporation)
S3 AmdK8; C:\Windows\system32\drivers\amdk8.sys [64512 2009-07-13] (Microsoft Corporation)
S3 AmdPPM; C:\Windows\system32\drivers\amdppm.sys [60928 2009-07-13] (Microsoft Corporation)
S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [107904 2011-07-14] (Advanced Micro Devices)
S3 amdsbs; C:\Windows\system32\drivers\amdsbs.sys [194128 2009-07-13] (AMD Technologies Inc.)
R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-07-14] (Advanced Micro Devices)
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2014-08-18] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 arc; C:\Windows\system32\drivers\arc.sys [87632 2009-07-13] (Adaptec, Inc.)
S3 arcsas; C:\Windows\system32\drivers\arcsas.sys [97856 2009-07-13] (Adaptec, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-07] ()
R3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-13] (Microsoft Corporation)
R0 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-13] (Microsoft Corporation)
S3 AthBTPort; C:\Windows\System32\DRIVERS\btath_flt.sys [36000 2011-09-16] (Atheros)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2768384 2011-08-05] (Atheros Communications, Inc.)
S3 b06bdrv; C:\Windows\system32\drivers\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation)
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation)
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-13] (Microsoft Corporation)
S3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl664.sys [4729408 2011-06-08] (Broadcom Corporation)
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-13] (Microsoft Corporation)
R1 blbdrive; C:\Windows\system32\drivers\blbdrive.sys [45056 2009-07-13] (Microsoft Corporation)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-07-01] (Glarysoft Ltd)
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-07-14] (Microsoft Corporation)
S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
S3 BridgeMP; C:\Windows\System32\DRIVERS\bridge.sys [95232 2009-07-13] (Microsoft Corporation)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] (Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
S3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [330912 2011-09-16] (Atheros)
S3 btath_avdt; C:\Windows\System32\drivers\btath_avdt.sys [110240 2011-09-16] (Atheros)
R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [30368 2011-09-16] (Atheros)
S3 BTATH_HCRP; C:\Windows\System32\DRIVERS\btath_hcrp.sys [167584 2011-09-16] (Atheros)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [68256 2011-09-16] (Atheros)
S3 BTATH_RCP; C:\Windows\System32\DRIVERS\btath_rcp.sys [280992 2011-09-16] (Atheros)
S3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [517280 2011-09-16] (Atheros)
S3 BthEnum; C:\Windows\system32\drivers\BthEnum.sys [41984 2009-07-13] (Microsoft Corporation)
S3 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [72192 2009-07-13] (Microsoft Corporation)
S3 BthPan; C:\Windows\System32\DRIVERS\bthpan.sys [118784 2009-07-13] (Microsoft Corporation)
S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [552960 2012-07-06] (Microsoft Corporation)
S3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [80384 2011-04-27] (Microsoft Corporation)
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-13] (Microsoft Corporation)
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-20] (Microsoft Corporation)
S3 circlass; C:\Windows\system32\drivers\circlass.sys [45568 2009-07-13] (Microsoft Corporation)
R0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-13] (Microsoft Corporation)
R3 CmBatt; C:\Windows\system32\drivers\CmBatt.sys [17664 2009-07-13] (Microsoft Corporation)
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-13] (CMD Technology, Inc.)
R0 CNG; C:\Windows\System32\Drivers\cng.sys [458712 2013-07-04] (Microsoft Corporation)
R0 Compbatt; C:\Windows\System32\drivers\compbatt.sys [21584 2009-07-13] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [38912 2010-11-20] (Microsoft Corporation)
S4 crcdisk; C:\Windows\system32\drivers\crcdisk.sys [24144 2009-07-13] (Microsoft Corporation)
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-20] (Microsoft Corporation)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [108800 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-13] (Microsoft Corporation)
R0 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-13] (Microsoft Corporation)
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5632 2009-07-13] (Microsoft Corporation)
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [985536 2014-06-15] (Microsoft Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 elxstor; C:\Windows\system32\drivers\elxstor.sys [530496 2009-07-13] (Emulex)
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-13] (Microsoft Corporation)
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-13] (Microsoft Corporation)
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-13] (Microsoft Corporation)
S3 fdc; C:\Windows\system32\drivers\fdc.sys [29696 2009-07-13] (Microsoft Corporation)
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-13] (Microsoft Corporation)
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-13] (Microsoft Corporation)
S3 flpydisk; C:\Windows\system32\drivers\flpydisk.sys [24576 2009-07-13] (Microsoft Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-20] (Microsoft Corporation)
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-13] (Microsoft Corporation)
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
S3 gagp30kx; C:\Windows\system32\drivers\gagp30kx.sys [65088 2009-07-13] (Microsoft Corporation)
R3 GEARAspiWDM; C:\Windows\System32\DRIVERS\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2014-10-16] (Glarysoft Ltd)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-20] (Microsoft Corporation)
R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [122368 2010-11-20] (Microsoft Corporation)
S3 HidBatt; C:\Windows\system32\drivers\HidBatt.sys [26624 2009-07-13] (Microsoft Corporation)
S3 HidBth; C:\Windows\system32\drivers\hidbth.sys [100864 2009-07-13] (Microsoft Corporation)
S3 HidIr; C:\Windows\system32\drivers\hidir.sys [46592 2009-07-13] (Microsoft Corporation)
S3 HidUsb; C:\Windows\system32\drivers\hidusb.sys [30208 2010-11-20] (Microsoft Corporation)
S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [78720 2010-11-20] (Hewlett-Packard Company)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-20] (Microsoft Corporation)
R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-20] (Microsoft Corporation)
R3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [105472 2009-07-13] (Microsoft Corporation)
R0 iaStor; C:\Windows\System32\drivers\iaStor.sys [439320 2011-01-12] (Intel Corporation)
S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [410496 2011-07-14] (Intel Corporation)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [12230912 2011-06-10] (Intel Corporation)
S3 iirsp; C:\Windows\system32\drivers\iirsp.sys [44112 2009-07-13] (Intel Corp./ICP vortex GmbH)
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [3056360 2011-08-16] (Realtek Semiconductor Corp.)
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [317440 2010-10-15] (Intel® Corporation)
S3 intelide; C:\Windows\system32\drivers\intelide.sys [16960 2009-07-13] (Microsoft Corporation)
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-13] (Microsoft Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-20] (Microsoft Corporation)
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-20] (Microsoft Corporation)
R3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-13] (Microsoft Corporation)
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-13] (Microsoft Corporation)
S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [20544 2009-07-13] (Microsoft Corporation)
S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [274880 2014-02-03] (Microsoft Corporation)
R3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-13] (Microsoft Corporation)
S3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2010-11-20] (Microsoft Corporation)
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2014-04-11] (Microsoft Corporation)
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155072 2014-04-11] (Microsoft Corporation)
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-13] (Microsoft Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [76912 2010-09-27] (Atheros Communications, Inc.)
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-13] (Microsoft Corporation)
S3 LSI_FC; C:\Windows\system32\drivers\lsi_fc.sys [114752 2009-07-13] (LSI Corporation)
S3 LSI_SAS; C:\Windows\system32\drivers\lsi_sas.sys [106560 2009-07-13] (LSI Corporation)
S3 LSI_SAS2; C:\Windows\system32\drivers\lsi_sas2.sys [65600 2009-07-13] (LSI Corporation)
S3 LSI_SCSI; C:\Windows\system32\drivers\lsi_scsi.sys [115776 2009-07-13] (LSI Corporation)
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-13] (Microsoft Corporation)
S3 megasas; C:\Windows\system32\drivers\megasas.sys [35392 2009-07-13] (LSI Corporation)
S3 MegaSR; C:\Windows\system32\drivers\MegaSR.sys [284736 2009-07-13] (LSI Corporation, Inc.)
R3 MEIx64; C:\Windows\system32\drivers\HECIx64.sys [56344 2010-10-19] (Intel Corporation)
S3 mmpDrv; C:\Windows\system32\Drivers\mmpDrv.sys [21008 2012-10-18] (<company name here>)
S3 mmpguidrv; C:\Windows\system32\Drivers\MmpGuiDrv.sys [12304 2012-10-18] ()
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-13] (Microsoft Corporation)
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-13] (Microsoft Corporation)
R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-13] (Microsoft Corporation)
S3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-13] (Microsoft Corporation)
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-20] (Microsoft Corporation)
S3 mpio; C:\Windows\system32\drivers\mpio.sys [155008 2010-11-20] (Microsoft Corporation)
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-13] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2013-07-04] (Microsoft Corporation)
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-07-14] (Microsoft Corporation)
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-07-08] (Microsoft Corporation)
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-07-14] (Microsoft Corporation)
S3 msahci; C:\Windows\system32\drivers\msahci.sys [31104 2010-11-20] (Microsoft Corporation)
S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-20] (Microsoft Corporation)
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-13] (Microsoft Corporation)
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-13] (Microsoft Corporation)
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-13] (Microsoft Corporation)
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-13] (Microsoft Corporation)
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-13] (Microsoft Corporation)
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-13] (Microsoft Corporation)
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-20] (Microsoft Corporation)
R1 mssmbios; C:\Windows\system32\drivers\mssmbios.sys [32320 2009-07-13] (Microsoft Corporation)
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-13] (Microsoft Corporation)
S3 MTConfig; C:\Windows\system32\drivers\MTConfig.sys [15360 2009-07-13] (Microsoft Corporation)
R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-13] (Microsoft Corporation)
R1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [22648 2011-08-26] (Egis Technology Inc.)
R1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [20520 2011-08-26] (Egis Technology Inc.)
R1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [62776 2011-08-26] (Egis Technology Inc.)
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-13] (Microsoft Corporation)
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-13] (Microsoft Corporation)
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-13] (Microsoft Corporation)
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-20] (Microsoft Corporation)
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-20] (Microsoft Corporation)
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-20] (Microsoft Corporation)
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-13] (Microsoft Corporation)
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-20] (Microsoft Corporation)
S3 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [51264 2009-07-13] (IBM Corporation)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-13] (Microsoft Corporation)
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-13] (Microsoft Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1684928 2014-01-23] (Microsoft Corporation)
R3 NTIDrvr; C:\Windows\system32\drivers\NTIDrvr.sys [18432 2011-03-09] (NTI Corporation)
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-13] (Microsoft Corporation)
S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2011-07-14] (NVIDIA Corporation)
S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [166272 2011-07-14] (NVIDIA Corporation)
S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [122960 2009-07-13] (Microsoft Corporation)
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-13] (Microsoft Corporation)
S3 Parport; C:\Windows\system32\drivers\parport.sys [97280 2009-07-13] (Microsoft Corporation)
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
R0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-20] (Microsoft Corporation)
S3 pciide; C:\Windows\system32\drivers\pciide.sys [12352 2009-07-13] (Microsoft Corporation)
S3 pcmcia; C:\Windows\system32\drivers\pcmcia.sys [220752 2009-07-13] (Microsoft Corporation)
R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-13] (Microsoft Corporation)
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [663552 2014-07-06] (Microsoft Corporation)
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-20] (Microsoft Corporation)
S3 Processor; C:\Windows\system32\drivers\processr.sys [60416 2009-07-13] (Microsoft Corporation)
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-20] (Microsoft Corporation)
S3 ql2300; C:\Windows\system32\drivers\ql2300.sys [1524816 2009-07-13] (QLogic Corporation)
S3 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [128592 2009-07-13] (QLogic Corporation)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-13] (Microsoft Corporation)
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-13] (Microsoft Corporation)
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-13] (Microsoft Corporation)
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-20] (Microsoft Corporation)
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-13] (Microsoft Corporation)
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-13] (Microsoft Corporation)
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-20] (Microsoft Corporation)
S3 rdpbus; C:\Windows\system32\drivers\rdpbus.sys [24064 2009-07-13] (Microsoft Corporation)
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-13] (Microsoft Corporation)
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-13] (Microsoft Corporation)
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-13] (Microsoft Corporation)
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [19456 2012-08-23] (Microsoft Corporation)
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [212480 2014-07-16] (Microsoft Corporation)
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-20] (Microsoft Corporation)
S3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [158720 2009-07-13] (Microsoft Corporation)
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-13] (Microsoft Corporation)
S3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [247400 2010-07-20] (Realtek Semiconductor Corp.)
S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-20] (Microsoft Corporation)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-20] (Microsoft Corporation)
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 Serenum; C:\Windows\system32\drivers\serenum.sys [23552 2009-07-13] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Microsoft Corporation)
S3 sermouse; C:\Windows\system32\drivers\sermouse.sys [26624 2009-07-13] (Microsoft Corporation)
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-13] (Microsoft Corporation)
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-13] (Microsoft Corporation)
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-20] (Microsoft Corporation)
S3 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [16896 2009-07-13] (Microsoft Corporation)
S3 SiSRaid2; C:\Windows\system32\drivers\SiSRaid2.sys [43584 2009-07-13] (Silicon Integrated Systems Corp.)
S3 SiSRaid4; C:\Windows\system32\drivers\sisraid4.sys [80464 2009-07-13] (Silicon Integrated Systems)
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-13] (Microsoft Corporation)
R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-13] (Microsoft Corporation)
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-07-14] (Microsoft Corporation)
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-07-14] (Microsoft Corporation)
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-07-14] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 stexstor; C:\Windows\system32\drivers\stexstor.sys [24656 2009-07-13] (Promise Technology)
R3 StillCam; C:\Windows\System32\DRIVERS\serscan.sys [12288 2009-07-13] (Microsoft Corporation)
R3 swenum; C:\Windows\system32\drivers\swenum.sys [12496 2009-07-13] (Microsoft Corporation)
R3 SynTP; C:\Windows\System32\DRIVERS\SynTP.sys [1383472 2010-07-29] (Synaptics Incorporated)
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-04] (Microsoft Corporation)
S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1903552 2014-04-04] (Microsoft Corporation)
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] (Microsoft Corporation)
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-13] (Microsoft Corporation)
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-16] (Microsoft Corporation)
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2010-11-20] (Microsoft Corporation)
R1 TermDD; C:\Windows\system32\drivers\termdd.sys [63360 2010-11-20] (Microsoft Corporation)
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2014-07-16] (Microsoft Corporation)
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [56832 2013-10-01] (Microsoft Corporation)
S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [30208 2012-08-23] (Microsoft Corporation)
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-20] (Microsoft Corporation)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [16120 2010-11-29] (Intel® Corporation)
S3 uagp35; C:\Windows\system32\drivers\uagp35.sys [64080 2009-07-13] (Microsoft Corporation)
R3 UBHelper; C:\Windows\system32\drivers\UBHelper.sys [17408 2011-03-09] (NTI Corporation)
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-20] (Microsoft Corporation)
S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-13] (Microsoft Corporation)
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-20] (Microsoft Corporation)
S3 UmPass; C:\Windows\system32\drivers\umpass.sys [9728 2009-07-13] (Microsoft Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.)
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-11-26] (Microsoft Corporation)
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation)
R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [53248 2013-11-26] (Microsoft Corporation)
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-11-26] (Microsoft Corporation)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-11-26] (Microsoft Corporation)
S3 usbprint; C:\Windows\system32\drivers\usbprint.sys [25088 2009-07-13] (Microsoft Corporation)
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-07-14] (Microsoft Corporation)
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2013-11-26] (Microsoft Corporation)
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-13] (Microsoft Corporation)
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-13] (Microsoft Corporation)
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-13] (Microsoft Corporation)
S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-20] (Microsoft Corporation)
S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-13] (VIA Technologies, Inc.)
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-20] (Microsoft Corporation)
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-20] (Microsoft Corporation)
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-20] (Microsoft Corporation)
S3 vsmraid; C:\Windows\system32\drivers\vsmraid.sys [161872 2009-07-13] (VIA Technologies Inc.,Ltd)
R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-13] (Microsoft Corporation)
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-13] (Microsoft Corporation)
S3 WacomPen; C:\Windows\system32\drivers\wacompen.sys [27776 2009-07-13] (Microsoft Corporation)
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation)
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation)
S3 Wd; C:\Windows\system32\drivers\wd.sys [21056 2009-07-13] (Microsoft Corporation)
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-25] (Microsoft Corporation)
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-13] (Microsoft Corporation)
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-13] (Microsoft Corporation)
S3 WIMMount; C:\Windows\SysWOW64\drivers\wimmount.sys [19008 2009-07-13] (Microsoft Corporation)
U3 Winsock; No ImagePath
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-20] (Microsoft Corporation)
R3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-13] (Microsoft Corporation)
R1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-13] (Microsoft Corporation)
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-25] (Microsoft Corporation)
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 18:02 - 2014-11-10 18:02 - 00032364 _____ () C:\Users\TeamTkac\Desktop\Addition.txt
2014-11-10 18:01 - 2014-11-10 18:53 - 00108244 _____ () C:\Users\TeamTkac\Desktop\FRST.txt
2014-11-10 18:01 - 2014-11-10 18:53 - 00000000 ____D () C:\FRST
2014-11-10 17:58 - 2014-11-10 17:59 - 02116096 _____ (Farbar) C:\Users\TeamTkac\Desktop\FRST64.exe
2014-11-09 19:58 - 2014-11-09 20:35 - 00000000 ____D () C:\Users\TeamTkac\Desktop\VirusMalware Removal
2014-11-09 19:55 - 2014-11-09 19:55 - 00000000 ____D () C:\Windows\ERUNT
2014-11-09 18:36 - 2014-11-09 18:36 - 825216613 _____ () C:\Windows\MEMORY.DMP
2014-11-09 18:36 - 2014-11-09 18:36 - 00266288 _____ () C:\Windows\Minidump\110914-21044-01.dmp
2014-11-09 17:44 - 2014-11-09 17:44 - 00081306 _____ () C:\ComboFix.txt
2014-11-09 17:21 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-09 17:21 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-09 17:21 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-09 17:21 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-09 17:21 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-09 17:21 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-09 17:21 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-09 17:21 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-09 17:16 - 2014-11-09 17:44 - 00000000 ____D () C:\Qoobox
2014-11-09 17:15 - 2014-11-09 17:43 - 00000000 ____D () C:\Windows\erdnt
2014-11-09 16:12 - 2014-11-09 17:15 - 00000000 ____D () C:\Users\TeamTkac\AppData\Local\Ascbworks
2014-11-09 16:12 - 2014-11-09 16:12 - 00000000 ____D () C:\Users\TeamTkac\AppData\Local\Ihrsoft
2014-11-09 12:44 - 2014-11-09 12:44 - 00008542 _____ () C:\Users\TeamTkac\DECRYPT_INSTRUCTION.HTML
2014-11-09 12:44 - 2014-11-09 12:44 - 00004214 _____ () C:\Users\TeamTkac\DECRYPT_INSTRUCTION.TXT
2014-11-09 12:32 - 2014-11-09 12:32 - 00008542 _____ () C:\Users\TeamTkac\Downloads\DECRYPT_INSTRUCTION.HTML
2014-11-09 12:32 - 2014-11-09 12:32 - 00004214 _____ () C:\Users\TeamTkac\Downloads\DECRYPT_INSTRUCTION.TXT
2014-11-09 12:14 - 2014-11-09 12:14 - 00008542 _____ () C:\Users\TeamTkac\Documents\DECRYPT_INSTRUCTION.HTML
2014-11-09 12:14 - 2014-11-09 12:14 - 00004214 _____ () C:\Users\TeamTkac\Documents\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:36 - 2014-11-09 11:36 - 00008542 _____ () C:\Users\TeamTkac\AppData\Roaming\DECRYPT_INSTRUCTION.HTML
2014-11-09 11:36 - 2014-11-09 11:36 - 00008542 _____ () C:\Users\TeamTkac\AppData\DECRYPT_INSTRUCTION.HTML
2014-11-09 11:36 - 2014-11-09 11:36 - 00004214 _____ () C:\Users\TeamTkac\AppData\Roaming\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:36 - 2014-11-09 11:36 - 00004214 _____ () C:\Users\TeamTkac\AppData\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:35 - 2014-11-09 11:35 - 00008542 _____ () C:\Users\TeamTkac\AppData\Local\DECRYPT_INSTRUCTION.HTML
2014-11-09 11:35 - 2014-11-09 11:35 - 00008542 _____ () C:\Users\Public\DECRYPT_INSTRUCTION.HTML
2014-11-09 11:35 - 2014-11-09 11:35 - 00008542 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.HTML
2014-11-09 11:35 - 2014-11-09 11:35 - 00004214 _____ () C:\Users\TeamTkac\AppData\Local\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:35 - 2014-11-09 11:35 - 00004214 _____ () C:\Users\Public\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:35 - 2014-11-09 11:35 - 00004214 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:32 - 2014-11-09 16:11 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-11-03 16:50 - 2014-11-03 16:46 - 00002128 ____N () C:\Users\TeamTkac\Desktop\gps.conf
2014-11-03 07:47 - 2014-09-18 15:47 - 00003218 _____ () C:\Users\TeamTkac\Desktop\gpsbu.conf
2014-11-02 11:28 - 2014-11-09 12:14 - 00000000 ___SD () C:\Users\TeamTkac\Documents\My Data Sources
2014-10-29 18:12 - 2014-11-09 18:36 - 00007580 _____ () C:\Windows\PFRO.log
2014-10-24 07:56 - 2014-10-24 07:58 - 1763672496 _____ () C:\Users\TeamTkac\Downloads\CarHDRom_V.32S.1_GT-I9505_GNH8.zip
2014-10-24 07:46 - 2014-10-24 07:46 - 345285360 _____ () C:\Users\TeamTkac\Downloads\ADDITIONAL-APPS_V.31.zip
2014-10-17 11:29 - 2014-11-09 20:03 - 00001960 _____ () C:\Windows\setupact.log
2014-10-17 11:29 - 2014-10-17 11:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-16 05:28 - 2014-10-16 05:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-16 05:28 - 2014-10-16 05:27 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-16 05:28 - 2014-10-16 05:27 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-16 05:28 - 2014-10-16 05:27 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-16 05:28 - 2014-10-16 05:27 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-16 05:22 - 2014-11-09 12:14 - 00000000 ____D () C:\Users\TeamTkac\Desktop\ultradefrag-portable-6.0.2.amd64
2014-10-15 05:12 - 2014-10-09 21:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 05:12 - 2014-10-09 21:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 05:12 - 2014-10-09 21:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 05:12 - 2014-09-28 19:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 05:12 - 2014-08-18 22:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 05:12 - 2014-08-18 22:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 05:12 - 2014-08-18 22:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 05:12 - 2014-08-18 22:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 05:12 - 2014-08-18 22:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 05:12 - 2014-08-18 22:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 05:12 - 2014-08-18 22:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 05:12 - 2014-08-18 22:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 05:12 - 2014-08-18 22:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 05:12 - 2014-08-18 22:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 05:12 - 2014-08-18 21:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 05:12 - 2014-08-18 21:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 05:12 - 2014-08-18 21:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 05:12 - 2014-07-06 21:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 05:12 - 2014-07-06 21:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 05:12 - 2014-07-06 21:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 05:12 - 2014-07-06 21:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 05:12 - 2014-07-06 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 05:12 - 2014-07-06 21:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 05:12 - 2014-07-06 21:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 05:12 - 2014-07-06 21:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 05:12 - 2014-07-06 21:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 05:12 - 2014-07-06 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 05:12 - 2014-07-06 20:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 05:12 - 2014-07-06 20:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 05:12 - 2014-07-06 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 05:12 - 2014-07-06 20:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 05:12 - 2014-07-06 20:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 05:12 - 2014-07-06 20:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 05:12 - 2014-07-06 20:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 05:12 - 2014-07-06 20:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 05:12 - 2014-07-06 20:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 05:12 - 2014-06-27 19:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 05:12 - 2014-06-27 19:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 05:12 - 2014-06-27 19:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 05:12 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 05:12 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 05:12 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 05:12 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 05:12 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 05:12 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 05:11 - 2014-10-06 21:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 05:11 - 2014-10-06 21:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 05:11 - 2014-09-25 17:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 05:11 - 2014-09-25 17:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 05:11 - 2014-09-25 17:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 05:11 - 2014-09-25 17:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 05:11 - 2014-09-25 17:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 05:11 - 2014-09-25 17:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 05:11 - 2014-09-25 17:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 05:11 - 2014-09-18 21:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 05:11 - 2014-09-18 20:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 05:11 - 2014-09-18 20:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 05:11 - 2014-09-18 20:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 05:11 - 2014-09-18 20:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 05:11 - 2014-09-18 20:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 05:11 - 2014-09-18 20:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 05:11 - 2014-09-18 20:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 05:11 - 2014-09-18 20:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 05:11 - 2014-09-18 20:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 05:11 - 2014-09-18 20:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 05:11 - 2014-09-18 20:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 05:11 - 2014-09-18 20:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 05:11 - 2014-09-18 20:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 05:11 - 2014-09-18 20:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 05:11 - 2014-09-18 20:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 05:11 - 2014-09-18 20:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 05:11 - 2014-09-18 20:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 05:11 - 2014-09-18 20:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 05:11 - 2014-09-18 20:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 05:11 - 2014-09-18 20:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 05:11 - 2014-09-18 20:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 05:11 - 2014-09-18 20:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 05:11 - 2014-09-18 20:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 05:11 - 2014-09-18 20:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 05:11 - 2014-09-18 20:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 05:11 - 2014-09-18 19:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 05:11 - 2014-09-18 19:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 05:11 - 2014-09-18 19:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 05:11 - 2014-09-18 19:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 05:11 - 2014-09-18 19:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 05:11 - 2014-09-18 19:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 05:11 - 2014-09-18 19:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 05:11 - 2014-09-18 19:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 05:11 - 2014-09-18 19:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 05:11 - 2014-09-18 19:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 05:11 - 2014-09-18 19:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 05:11 - 2014-09-18 19:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 05:11 - 2014-09-18 19:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 05:11 - 2014-09-18 19:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 05:11 - 2014-09-18 19:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 05:11 - 2014-09-18 19:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 05:11 - 2014-09-18 19:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 05:11 - 2014-09-18 18:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 05:11 - 2014-09-18 18:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 05:11 - 2014-09-18 18:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 05:11 - 2014-09-18 18:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 05:11 - 2014-09-17 21:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 05:11 - 2014-09-17 20:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 05:11 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 05:11 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 05:11 - 2014-08-28 21:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 05:10 - 2014-09-12 20:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 05:10 - 2014-09-12 20:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 05:10 - 2014-09-04 21:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 05:10 - 2014-09-04 20:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 05:10 - 2014-07-16 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 05:10 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 05:10 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 05:10 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 05:10 - 2014-07-16 21:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 05:10 - 2014-07-16 21:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 05:10 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 05:10 - 2014-07-16 20:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 05:10 - 2014-07-16 20:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 05:10 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 05:10 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-12 13:56 - 2014-11-09 20:04 - 00003490 _____ () C:\Windows\System32\Tasks\AutoKMS

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 18:30 - 2012-10-07 14:02 - 00000330 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2014-11-10 18:25 - 2014-04-06 16:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-10 18:25 - 2011-10-07 19:44 - 01893424 _____ () C:\Windows\WindowsUpdate.log
2014-11-10 18:12 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-10 18:12 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-10 17:58 - 2011-11-26 18:12 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-563202287-1717114301-743867805-1000UA.job
2014-11-10 17:56 - 2012-07-14 07:27 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-10 17:56 - 2012-07-07 20:58 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-10 17:56 - 2011-11-26 18:12 - 00000868 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-563202287-1717114301-743867805-1000Core.job
2014-11-09 20:10 - 2009-07-14 00:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-09 20:07 - 2014-05-18 09:10 - 00000338 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-11-09 20:07 - 2011-11-26 17:46 - 00000000 ____D () C:\ProgramData\clear.fi
2014-11-09 20:06 - 2014-05-18 09:10 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-11-09 20:06 - 2012-07-14 07:27 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-09 20:03 - 2013-04-05 18:57 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-11-09 20:03 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-09 18:36 - 2013-06-09 07:47 - 00000000 ____D () C:\Windows\Minidump
2014-11-09 17:42 - 2009-07-13 21:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-09 17:11 - 2013-05-27 18:50 - 00000000 ____D () C:\Windows\pss
2014-11-09 16:50 - 2011-11-26 18:08 - 00000000 ____D () C:\Users\TeamTkac\AppData\Local\CrashDumps
2014-11-09 16:20 - 2014-04-10 15:50 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-09 12:44 - 2011-11-26 17:13 - 00000000 ____D () C:\Users\TeamTkac
2014-11-09 12:36 - 2013-01-31 20:24 - 00000000 ___RD () C:\Users\TeamTkac\Dropbox
2014-11-09 12:14 - 2014-05-13 08:14 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Zips
2014-11-09 12:14 - 2014-04-18 03:45 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Trailer Pics
2014-11-09 12:14 - 2013-09-28 07:07 - 00000000 ____D () C:\Users\TeamTkac\Documents\EaseUS Data Recovery Wizard Professional 6.0 + Serial
2014-11-09 12:14 - 2013-07-04 13:44 - 00000000 ____D () C:\Users\TeamTkac\Documents\Garmin
2014-11-09 12:14 - 2013-03-24 14:37 - 00000000 ____D () C:\Users\TeamTkac\Documents\My Scans
2014-11-09 12:13 - 2013-08-05 15:13 - 00000000 ____D () C:\Users\TeamTkac\Desktop\S4 SD Card
2014-11-09 12:13 - 2013-06-11 17:01 - 00000000 ____D () C:\Users\TeamTkac\Desktop\S4TWBlackApks
2014-11-09 12:13 - 2012-05-19 13:11 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Sony Camcorder
2014-11-09 12:11 - 2013-05-27 22:53 - 00000000 ____D () C:\Users\TeamTkac\Desktop\S4 All-In_one
2014-11-09 12:10 - 2013-02-06 17:50 - 00000000 ____D () C:\Users\TeamTkac\Desktop\S4
2014-11-09 11:54 - 2013-09-28 08:08 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Recover
2014-11-09 11:54 - 2013-06-09 06:34 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Office
2014-11-09 11:54 - 2012-11-19 18:11 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Photos
2014-11-09 11:54 - 2012-08-05 12:27 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Paint
2014-11-09 11:54 - 2012-01-10 23:02 - 00000000 ____D () C:\Users\TeamTkac\Desktop\PDFs
2014-11-09 11:52 - 2013-12-06 09:37 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Jeff's backup
2014-11-09 11:39 - 2014-08-02 20:14 - 00000000 ____D () C:\Users\TeamTkac\Desktop\GooseWorks
2014-11-09 11:39 - 2013-05-01 20:58 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Galaxy S4 Root
2014-11-09 11:39 - 2013-03-23 13:54 - 00000000 ____D () C:\Users\TeamTkac\Desktop\audio.htc
2014-11-09 11:39 - 2012-11-01 19:05 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Boston
2014-11-09 11:38 - 2014-04-07 18:38 - 00000000 ____D () C:\Users\TeamTkac\Desktop\audio
2014-11-09 11:38 - 2013-09-28 17:53 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Ashlyn Homecoming
2014-11-09 11:38 - 2012-01-10 23:05 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Ash Senior Pics
2014-11-09 11:36 - 2013-08-24 16:53 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\Mozilla
2014-11-09 11:36 - 2012-10-07 08:03 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\Motive
2014-11-09 11:36 - 2012-06-24 07:49 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\Skype
2014-11-09 11:36 - 2012-05-19 13:15 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\Sony Corporation
2014-11-09 11:35 - 2013-08-24 16:53 - 00000000 ____D () C:\Users\TeamTkac\AppData\Local\Mozilla
2014-11-09 11:35 - 2013-05-28 06:56 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\Glarysoft
2014-11-09 11:35 - 2013-01-31 20:21 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\Dropbox
2014-11-09 11:35 - 2013-01-13 07:41 - 00000000 ____D () C:\Users\TeamTkac\AppData\Local\Apple Computer
2014-11-09 11:35 - 2012-11-27 22:35 - 00000000 ____D () C:\ProgramData\Garmin
2014-11-09 11:35 - 2012-11-27 19:28 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\Garmin
2014-11-09 11:35 - 2012-10-07 14:02 - 00000000 ____D () C:\ProgramData\Visan
2014-11-09 11:35 - 2012-10-07 13:52 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2014-11-09 11:35 - 2012-04-28 06:31 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\HP
2014-11-09 11:35 - 2012-04-28 06:20 - 00000000 ____D () C:\ProgramData\HP
2014-11-09 11:35 - 2011-11-26 18:12 - 00000000 ____D () C:\Users\TeamTkac\AppData\Local\Google
2014-11-09 11:35 - 2011-11-26 17:46 - 00000000 ____D () C:\Users\TeamTkac\AppData\Local\Cyberlink
2014-11-09 11:35 - 2011-11-26 17:14 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\Adobe
2014-11-09 11:35 - 2011-11-26 17:14 - 00000000 ____D () C:\Users\TeamTkac\AppData\Local\PowerCinema
2014-11-09 11:34 - 2011-08-26 04:26 - 00000000 ____D () C:\ProgramData\Acer
2014-11-08 21:31 - 2011-08-26 04:29 - 00000000 ____D () C:\ProgramData\EgisTec IPS
2014-11-08 21:16 - 2011-08-26 04:20 - 00000000 ____D () C:\Program Files (x86)\Acer Games
2014-11-08 21:16 - 2009-07-14 00:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-08 21:13 - 2012-09-16 21:27 - 00000000 ____D () C:\Galaxy Nexus ToolKit
2014-11-08 21:12 - 2013-07-25 19:26 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\WildTangent
2014-11-08 21:12 - 2011-08-26 04:20 - 00000000 ____D () C:\ProgramData\WildTangent
2014-11-08 21:09 - 2011-08-26 04:32 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-08 20:55 - 2012-07-14 07:27 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-08 20:19 - 2014-03-16 08:17 - 00000000 ____D () C:\ProgramData\bef0c90608e9258d
2014-11-08 20:19 - 2013-12-21 07:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-08 20:12 - 2012-07-14 07:27 - 00000000 ____D () C:\ProgramData\Google
2014-11-08 20:04 - 2014-03-16 08:16 - 00000000 ____D () C:\ProgramData\InstallMate
2014-11-08 20:04 - 2013-01-13 07:38 - 00000000 ____D () C:\ProgramData\Apple
2014-11-08 20:04 - 2011-10-07 20:11 - 00000000 ____D () C:\ProgramData\CyberLink
2014-11-08 20:01 - 2013-08-23 13:40 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2014-10-29 18:24 - 2014-01-29 19:54 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\Samsung
2014-10-29 18:24 - 2014-01-29 19:54 - 00000000 ____D () C:\Users\TeamTkac\AppData\Local\Samsung
2014-10-29 18:24 - 2011-11-27 02:09 - 00000000 ____D () C:\ProgramData\Samsung
2014-10-29 18:24 - 2011-08-26 04:04 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-29 18:09 - 2014-03-29 13:16 - 00000000 ____D () C:\Users\TeamTkac\AppData\Local\Packages
2014-10-29 18:09 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Globalization
2014-10-29 17:20 - 2014-04-10 15:50 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-29 17:20 - 2014-04-10 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-29 17:20 - 2014-04-10 15:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-28 05:34 - 2010-11-20 22:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-20 17:57 - 2013-06-09 07:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-10-20 17:57 - 2012-04-28 06:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 07:37 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 05:50 - 2014-05-18 09:10 - 00002984 _____ () C:\Windows\System32\Tasks\GU5SkipUAC
2014-10-16 05:50 - 2014-05-18 09:10 - 00002646 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2014-10-16 05:50 - 2014-05-18 09:10 - 00001056 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-10-16 05:50 - 2014-05-18 09:10 - 00001044 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-10-16 05:19 - 2014-05-18 09:10 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2014-10-16 05:15 - 2011-11-26 17:14 - 00114240 _____ () C:\Users\TeamTkac\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-16 05:10 - 2009-07-13 23:45 - 00436368 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 05:07 - 2014-05-07 13:37 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 05:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 05:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-16 05:01 - 2009-07-13 21:34 - 00000545 _____ () C:\Windows\win.ini
2014-10-16 04:47 - 2013-07-21 02:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 04:40 - 2011-11-26 18:30 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-14 17:56 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-11 09:06 - 2011-11-28 19:44 - 00001983 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-10-11 09:06 - 2011-08-26 04:32 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-05 04:33

==================== End Of Log ============================

 

ADDITION LOG

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2014
Ran by TeamTkac at 2014-11-10 18:59:19
Running from C:\Users\TeamTkac\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.21 (HKLM-x32\...\{23170F69-40C1-2701-0921-000001000000}) (Version: 9.21.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2904.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2904.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0913.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Android ADB Fastboot (HKLM-x32\...\{268F88C6-2B12-4670-AFA6-2B515BF81CF6}) (Version: 1.1 - ajua Custom Installers)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.96 - Atheros)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
C309g-m (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-563202287-1717114301-743867805-1000\...\Dropbox) (Version: 1.6.18 - Dropbox, Inc.)
EaseUS Data Recovery Wizard 6.0 (HKLM-x32\...\EaseUS Data Recovery Wizard 6.0_is1) (Version:  - EaseUS)
eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
Elevated Installer (x32 Version: 3.2.13.0 - Garmin Ltd or its subsidiaries) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{ac22014a-a254-43b9-9cc0-e87cf9c7e18a}) (Version: 3.2.13.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.13.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.13.0 - Garmin Ltd or its subsidiaries) Hidden
Glary Utilities 5.10 (HKLM-x32\...\Glary Utilities 5) (Version: 5.10.0.17 - Glarysoft Ltd)
Google Chrome (HKU\S-1-5-21-563202287-1717114301-743867805-1000\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9452 - HP Photo Creations Powered by RocketLife)
HP Photosmart Premium C309g-m All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{CCD42CCF-9AFF-4BC5-862A-38CCD3C8E8F8}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-563202287-1717114301-743867805-1000\...\SkyDriveSetup.exe) (Version: 16.4.6003.0710 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MiniAide Fat32 Formatter Home Edition version 1.05 (HKLM-x32\...\{C206CD7D-7CFE-4F0C-BC68-8873CDE3A5F5}_is1) (Version: 1.05 - MiniAide Tech Development Co., Ltd.)
Mozilla Firefox 26.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 26.0 (x86 en-US)) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-563202287-1717114301-743867805-1000\...\MyFreeCodec) (Version:  - )
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.18 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.18 - Egis Technology Inc.) Hidden
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8942 - NTI Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayMemories Home (HKLM-x32\...\{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}) (Version: 6.3.00.04221 - Sony Corporation)
PS_AIO_06_C309g-m_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Qualcomm Atheros Fast Reconnect (HKLM-x32\...\{0CA2063D-D43F-41F2-A8AC-A3C4A4C722D2}) (Version: 1.0 - QualComm Atheros)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30123 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
SamsungSimpleDL (HKLM-x32\...\InstallShield_{97E988A2-0834-4284-B12B-991835E7CB70}) (Version: 1.0.001 - Your Company Name)
SamsungSimpleDL (x32 Version: 1.0.001 - Your Company Name) Hidden
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.0 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}) (Version: 4.5.11.0 - Husdawg, LLC)
Times Reader (HKLM-x32\...\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1) (Version: 2.055 - The New York Times Company)
Times Reader (x32 Version: 2.055 - The New York Times Company) Hidden
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Ultra Defragmenter (HKLM-x32\...\UltraDefrag) (Version: 5.1.0 - UltraDefrag Development Team)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3503 - Acer Incorporated)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Yahoo! Install Manager (HKLM-x32\...\YInstHelper) (Version:  - )
Yahoo! Internet Mail (HKLM-x32\...\Yahoo! Mail) (Version:  - )
Yahoo! Mail Advisor (HKLM-x32\...\Yahoo! Mail Advisor) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-563202287-1717114301-743867805-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-563202287-1717114301-743867805-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\TeamTkac\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-563202287-1717114301-743867805-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\TeamTkac\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-563202287-1717114301-743867805-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\TeamTkac\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-563202287-1717114301-743867805-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\TeamTkac\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-563202287-1717114301-743867805-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-563202287-1717114301-743867805-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-563202287-1717114301-743867805-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-563202287-1717114301-743867805-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)

==================== Restore Points  =========================

09-11-2014 02:07:32 Removed Adobe AIR

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2014-11-09 17:41 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {10E9EB21-AE4C-4545-A55E-96ECE0C79967} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {13AD2619-4473-4CC4-87EB-6556D2BA0A29} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {17E6442F-A187-4918-AD43-44296FFD2004} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-14] (Google Inc.)
Task: {1972E568-FD6C-4859-9CD4-522F6E583011} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {1A2630BD-0E6D-46D7-A02B-FA966002D096} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2012-10-07] ()
Task: {2126431B-8039-4A74-B869-3A7CCA99B9E6} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-06-09] ()
Task: {2AA7ED17-B7CE-4E35-B267-F1F9AC60E7BA} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {37FA766A-2CE0-459B-ACB8-572EA8EEC4FB} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-04-05] (Acer Incorporated)
Task: {385ADE83-51F6-48D1-8829-72FC34964B53} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-07] (AVAST Software)
Task: {48BC6D37-0DD8-4BD9-8E6D-5AD8AB3E226F} - System32\Tasks\IHSelfDeleteTASK => CMD
Task: {52179819-D804-49B6-8C73-836D9AAAA96F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {6801D284-7C81-4170-91C3-F75AE67E9DE4} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2014-09-04] (Adobe Systems Incorporated)
Task: {6BCBB48B-33AF-4944-AC14-6151355661FC} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {6BFF9752-60D9-46C4-BC68-A495AB920B53} - System32\Tasks\IHUninstallTrackingTASK => CMD
Task: {6FE190FF-3D3D-4BB9-851F-384308B50164} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-563202287-1717114301-743867805-1000Core => C:\Users\TeamTkac\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-26] (Google Inc.)
Task: {8422840D-0689-4E79-99C2-65AA4EA14DE2} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-10-13] (Glarysoft Ltd)
Task: {896D2798-37B0-460F-8598-C174E515A1B8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {9E48FA70-F97F-47D5-83F5-19D167F53C3E} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {A34FE139-96B0-4C77-A93F-04FAA837E989} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {AB4E4466-A13C-4846-BCC6-A0B2325230D0} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {B6169160-2AB3-4970-B946-3690251FBBF6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-563202287-1717114301-743867805-1000UA => C:\Users\TeamTkac\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-26] (Google Inc.)
Task: {C81EF65D-0E58-40CF-8E69-D3FC07E5953D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-14] (Google Inc.)
Task: {E172CDAE-D74A-4AD9-9624-5E61D86D847D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E92ACD3F-F064-41A1-9EB8-6AF4EE56EBBB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {EA3C4D93-3456-4050-9EE1-52804B5C6AE4} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-07-10] ()
Task: {FD0BEF59-8D67-4FB5-BC97-174A5CF19AC4} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-10-13] (Glarysoft Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-563202287-1717114301-743867805-1000Core.job => C:\Users\TeamTkac\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-563202287-1717114301-743867805-1000UA.job => C:\Users\TeamTkac\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe

==================== Loaded Modules (whitelisted) =============

2014-09-16 12:52 - 2014-09-16 12:52 - 08896160 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2009-01-21 18:45 - 2009-01-21 18:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2011-08-26 04:45 - 2011-06-10 12:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-07-07 19:13 - 2014-07-07 19:13 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-11-09 15:52 - 2014-11-09 15:52 - 02900992 _____ () C:\Program Files\AVAST Software\Avast\defs\14110901\algo.dll
2014-11-10 17:56 - 2014-11-10 17:56 - 02900992 _____ () C:\Program Files\AVAST Software\Avast\defs\14111001\algo.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-04-23 20:29 - 2011-04-23 20:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-23 20:29 - 2011-04-23 20:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-23 20:29 - 2011-04-23 20:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2014-10-16 06:52 - 2014-10-16 06:52 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9b1cac8d98bd69d3e56a26ff2f96f266\IsdiInterop.ni.dll
2011-08-26 04:04 - 2011-01-12 19:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-11-09 16:12 - 2014-11-09 16:12 - 00032768 _____ () C:\Users\TeamTkac\AppData\Local\Ihrsoft\AsusDevinf32.dll
2014-11-09 16:12 - 2014-11-09 16:12 - 00035328 _____ () C:\Users\TeamTkac\AppData\Local\Ascbworks\QSCEula.dll
2014-07-07 19:13 - 2014-07-07 19:13 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2011-08-24 20:03 - 2011-08-24 20:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2014-10-13 00:33 - 2014-10-13 00:33 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\TeamTkac\Desktop\Facebook.website:TASKICON_0news964078814
AlternateDataStreams: C:\Users\TeamTkac\Desktop\Facebook.website:TASKICON_1messages523453257
AlternateDataStreams: C:\Users\TeamTkac\Desktop\Facebook.website:TASKICON_2events-954496249
AlternateDataStreams: C:\Users\TeamTkac\Desktop\Facebook.website:TASKICON_3friends2073392651

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^TeamTkac^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
MSCONFIG\startupreg: ShopAtHomeWatcher => C:\Users\TeamTkac\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-563202287-1717114301-743867805-500 - Administrator - Disabled)
Guest (S-1-5-21-563202287-1717114301-743867805-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-563202287-1717114301-743867805-1002 - Limited - Enabled)
TeamTkac (S-1-5-21-563202287-1717114301-743867805-1000 - Administrator - Enabled) => C:\Users\TeamTkac

==================== Faulty Device Manager Devices =============

Name: Photosmart Premium C309g-m
Description: Photosmart Premium C309g-m
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart Premium C309g-m
Description: Photosmart Premium C309g-m
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (11/09/2014 08:04:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (11/09/2014 08:03:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Microsoft Office Sessions:
=========================
Error: (11/09/2014 08:04:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
  Date: 2014-11-09 17:40:19.004
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-09 17:40:18.957
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™ i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 59%
Total physical RAM: 3947.86 MB
Available physical RAM: 1586.27 MB
Total Pagefile: 7893.9 MB
Available Pagefile: 4902.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:580.07 GB) (Free:452.79 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: B4D0916B)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=580.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Edited by jt4211, 10 November 2014 - 06:11 PM.

  • 0

#5
ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts

Hello again. Thank you for providing the FRST logs, let's start to get you sorted...

Step 1


FRST Fix

If FRST64.exe is not on your desktop, please download Farbar Recovery Scan Tool and save it to your desktop.

  • Download the attached fixlist.txt and save it to your desktop <<< very important - it must be in the same location as FRST64.exe
  • Right click the FRST64 icon and run as administrator. When the tool opens click Yes to the disclaimer.
  • Press the Fix button.
  • It will produce a log called fixlog.txt on your Desktop.
  • Please copy and paste the contents of that log back here.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Step 2

Junkware Removal Tool
Please download Junkware Removal Tool to your desktop. << Important
Ensure that any security software is temporarily disabled for the duration of the scan. Don't forget to re-enable it afterwards.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by right-clicking the JRT icon and selecting "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

AdwCleaner by Xplode

Download AdwCleaner from here or from here. Save the file to the desktop.


NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.

  • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    You will see the following console: [image: AdwScan.jpg]
  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove. Please Do Not delete anything at this time.
  • Click the Report button to get the log.
  • Copy and Paste it into your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[R0].txt.
  • Click the X in the upper right corner of the program or click the File menu and click Exit to close the program.

Optional:

NOTE: If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.

Items I need to see in your next post:

  • FRST fixlog
  • JRT Log
  • ADWcleaner Scan log
  • How are things looking so far?

  • 0

#6
ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts

Please use the following fixlist instead. I made a spelling mistake in the previous one.

Attached File: fixlist.txt (3.61KB)

  • 0

#7
jt4211

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts

Ruggie - ran as instructed - computer running much better, not plagued by numerous dllhost.exe's. Logs below:

FIXLOG.TXT

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-11-2014
Ran by TeamTkac at 2014-11-11 19:19:03 Run:2
Running from C:\Users\TeamTkac\Desktop\VirusMalware Removal
Loaded Profile: TeamTkac (Available profiles: TeamTkac)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
HKU\S-1-5-21-563202287-1717114301-743867805-1000\...\Run: [Ihrsoft] => regsvr32.exe C:\Users\TeamTkac\AppData\Local\Ihrsoft\AsusDevinf32.dll <===== ATTENTION
HKU\S-1-5-21-563202287-1717114301-743867805-1000\...\Run: [Egqtion] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\TeamTkac\AppData\Local\Ascbworks\QSCEula.dll
HKU\S-1-5-21-563202287-1717114301-743867805-1000\...A8F59079A8D5}\localserver32:  <==== ATTENTION!
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-563202287-1717114301-743867805-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
FF Plugin-x32: @ei.MarineAquarium3Free_57.com/Plugin -> C:\Program Files (x86)\MarineAquarium3Free_57EI\Installr\1.bin\NP57EISB.dll No File
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
2014-11-09 16:12 - 2014-11-09 17:15 - 00000000 ____D () C:\Users\TeamTkac\AppData\Local\Ascbworks
2014-11-09 16:12 - 2014-11-09 16:12 - 00000000 ____D () C:\Users\TeamTkac\AppData\Local\Ihrsoft
2014-11-09 12:44 - 2014-11-09 12:44 - 00008542 _____ () C:\Users\TeamTkac\DECRYPT_INSTRUCTION.HTML
2014-11-09 12:44 - 2014-11-09 12:44 - 00004214 _____ () C:\Users\TeamTkac\DECRYPT_INSTRUCTION.TXT
2014-11-09 12:32 - 2014-11-09 12:32 - 00008542 _____ () C:\Users\TeamTkac\Downloads\DECRYPT_INSTRUCTION.HTML
2014-11-09 12:32 - 2014-11-09 12:32 - 00004214 _____ () C:\Users\TeamTkac\Downloads\DECRYPT_INSTRUCTION.TXT
2014-11-09 12:14 - 2014-11-09 12:14 - 00008542 _____ () C:\Users\TeamTkac\Documents\DECRYPT_INSTRUCTION.HTML
2014-11-09 12:14 - 2014-11-09 12:14 - 00004214 _____ () C:\Users\TeamTkac\Documents\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:36 - 2014-11-09 11:36 - 00008542 _____ () C:\Users\TeamTkac\AppData\Roaming\DECRYPT_INSTRUCTION.HTML
2014-11-09 11:36 - 2014-11-09 11:36 - 00008542 _____ () C:\Users\TeamTkac\AppData\DECRYPT_INSTRUCTION.HTML
2014-11-09 11:36 - 2014-11-09 11:36 - 00004214 _____ () C:\Users\TeamTkac\AppData\Roaming\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:36 - 2014-11-09 11:36 - 00004214 _____ () C:\Users\TeamTkac\AppData\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:35 - 2014-11-09 11:35 - 00008542 _____ () C:\Users\TeamTkac\AppData\Local\DECRYPT_INSTRUCTION.HTML
2014-11-09 11:35 - 2014-11-09 11:35 - 00008542 _____ () C:\Users\Public\DECRYPT_INSTRUCTION.HTML
2014-11-09 11:35 - 2014-11-09 11:35 - 00008542 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.HTML
2014-11-09 11:35 - 2014-11-09 11:35 - 00004214 _____ () C:\Users\TeamTkac\AppData\Local\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:35 - 2014-11-09 11:35 - 00004214 _____ () C:\Users\Public\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:35 - 2014-11-09 11:35 - 00004214 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.TXT
Task: {48BC6D37-0DD8-4BD9-8E6D-5AD8AB3E226F} - System32\Tasks\IHSelfDeleteTASK => CMD
Task: {6BFF9752-60D9-46C4-BC68-A495AB920B53} - System32\Tasks\IHUninstallTrackingTASK => CMD
C:\Users\TeamTkac\AppData\Roaming\ShopAtHome
C:\ProgramData\Windows Genuine Advantage\{2BEAD886-D9B8-45DE-855F-8AF1FBBCA8F4}\msiexec.exe
C:\ProgramData\Windows Genuine Advantage\{695DD13D-3AF4-48FE-AD68-AA0EC8D6C90C}\msiexec.exe
C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DECRYPT_INSTRUCTION.HTML
C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DECRYPT_INSTRUCTION.TXT
C:\Users\TeamTkac\Desktop\DECRYPT_INSTRUCTION.HTML
C:\Users\TeamTkac\Desktop\DECRYPT_INSTRUCTION.TXT
C:\Users\TeamTkac\AppData\LocalLow\utctlfd.dll
CloseProcesses:
emptytemp:
end
*****************

HKU\S-1-5-21-563202287-1717114301-743867805-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Ihrsoft => Value not found.
HKU\S-1-5-21-563202287-1717114301-743867805-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Egqtion => Value not found.
"HKU\S-1-5-21-563202287-1717114301-743867805-1000\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32" => Key not found.
"HKU\S-1-5-21-563202287-1717114301-743867805-1000\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}" => Key not found.
"HKLM\SOFTWARE\Policies\Google" => Key not found.
"HKU\S-1-5-21-563202287-1717114301-743867805-1000\SOFTWARE\Policies\Google" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Value not found.
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@ei.MarineAquarium3Free_57.com/Plugin" => Key not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot => Value not found.
"C:\Users\TeamTkac\AppData\Local\Ascbworks" => File/Directory not found.
"C:\Users\TeamTkac\AppData\Local\Ihrsoft" => File/Directory not found.
"C:\Users\TeamTkac\DECRYPT_INSTRUCTION.HTML" => File/Directory not found.
"C:\Users\TeamTkac\DECRYPT_INSTRUCTION.TXT" => File/Directory not found.
"C:\Users\TeamTkac\Downloads\DECRYPT_INSTRUCTION.HTML" => File/Directory not found.
"C:\Users\TeamTkac\Downloads\DECRYPT_INSTRUCTION.TXT" => File/Directory not found.
"C:\Users\TeamTkac\Documents\DECRYPT_INSTRUCTION.HTML" => File/Directory not found.
"C:\Users\TeamTkac\Documents\DECRYPT_INSTRUCTION.TXT" => File/Directory not found.
"C:\Users\TeamTkac\AppData\Roaming\DECRYPT_INSTRUCTION.HTML" => File/Directory not found.
"C:\Users\TeamTkac\AppData\DECRYPT_INSTRUCTION.HTML" => File/Directory not found.
"C:\Users\TeamTkac\AppData\Roaming\DECRYPT_INSTRUCTION.TXT" => File/Directory not found.
"C:\Users\TeamTkac\AppData\DECRYPT_INSTRUCTION.TXT" => File/Directory not found.
"C:\Users\TeamTkac\AppData\Local\DECRYPT_INSTRUCTION.HTML" => File/Directory not found.
"C:\Users\Public\DECRYPT_INSTRUCTION.HTML" => File/Directory not found.
"C:\ProgramData\DECRYPT_INSTRUCTION.HTML" => File/Directory not found.
"C:\Users\TeamTkac\AppData\Local\DECRYPT_INSTRUCTION.TXT" => File/Directory not found.
"C:\Users\Public\DECRYPT_INSTRUCTION.TXT" => File/Directory not found.
"C:\ProgramData\DECRYPT_INSTRUCTION.TXT" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48BC6D37-0DD8-4BD9-8E6D-5AD8AB3E226F}" => Key not found.
C:\Windows\System32\Tasks\IHSelfDeleteTASK not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IHSelfDeleteTASK" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BFF9752-60D9-46C4-BC68-A495AB920B53}" => Key not found.
C:\Windows\System32\Tasks\IHUninstallTrackingTASK not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IHUninstallTrackingTASK" => Key not found.
"C:\Users\TeamTkac\AppData\Roaming\ShopAtHome" => File/Directory not found.
"C:\ProgramData\Windows Genuine Advantage\{2BEAD886-D9B8-45DE-855F-8AF1FBBCA8F4}\msiexec.exe" => File/Directory not found.
"C:\ProgramData\Windows Genuine Advantage\{695DD13D-3AF4-48FE-AD68-AA0EC8D6C90C}\msiexec.exe" => File/Directory not found.
"C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DECRYPT_INSTRUCTION.HTML" => File/Directory not found.
"C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DECRYPT_INSTRUCTION.TXT" => File/Directory not found.
"C:\Users\TeamTkac\Desktop\DECRYPT_INSTRUCTION.HTML" => File/Directory not found.
"C:\Users\TeamTkac\Desktop\DECRYPT_INSTRUCTION.TXT" => File/Directory not found.
"C:\Users\TeamTkac\AppData\LocalLow\utctlfd.dll" => File/Directory not found.
Processes closed successfully.

JRT.TXT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.7 (11.08.2014:1)
OS: Windows 7 Home Premium x64
Ran by TeamTkac on Tue 11/11/2014 at 19:05:10.87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 11/11/2014 at 19:10:02.50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

ADWCLEANER

 

 

# AdwCleaner v4.101 - Report created 11/11/2014 at 19:39:11
# Updated 09/11/2014 by Xplode
# Database : 2014-11-11.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : TeamTkac - TEAMTKAC-PC
# Running from : C:\Users\TeamTkac\Desktop\VirusMalware Removal\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Found : C:\ProgramData\bef0c90608e9258d
Folder Found : C:\ProgramData\ssafeweb
Folder Found : C:\Users\Administrator\AppData\Local\torch
Folder Found : C:\Users\Guest\AppData\Local\torch
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Found : C:\Users\TeamTkac\AppData\Local\Tuguu_SL
Folder Found : C:\Users\TeamTkac\AppData\Roaming\ValueApps

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\a57d68ab03dba10
Key Found : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Smartbar
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\filescout
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\adbabylon.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\chatango.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\st.chatango.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sweetcouch.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\thesweethome.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.ask.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.sweetcouch.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Myfree Codec
Key Found : HKCU\Software\RegisteredApplicationsEx
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\filescout
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\ImInstaller
Key Found : [x64] HKCU\Software\Myfree Codec
Key Found : [x64] HKCU\Software\RegisteredApplicationsEx
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Found : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\firstsearch
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Myfree Codec
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344

-\\ Mozilla Firefox v33.1 (x86 en-US)

-\\ Google Chrome v

[C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3308837&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=5&UP=SPBC01FF57-0B25-4A5A-9540-C31225AEC06E&q={searchTerms}&SSPV=
[C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3308837&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=5&UP=SPBC01FF57-0B25-4A5A-9540-C31225AEC06E&q={searchTerms}&SSPV=

-\\ Comodo Dragon v

*************************

AdwCleaner[R0].txt - [7824 octets] - [11/11/2014 19:39:11]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7884 octets] ##########



#8
ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts

Hi there, glad to hear it.

I do apologise for the wait, I posted this in the wrong place and have been waiting for your reply - oops.

Quick question, did you run FRST fix twice? The log is showing second run and none of the items I included are found by FRST. If this is the second run then that is no problem as it was all dealt with in the first instance.

Let's proceed :D
Step 1

Supplemental FRST Scan
Please run FRST64 again from your Desktop. If you do not currently have it on your system, download it from here and save it to your desktop.

  • Right click FRST64 to run as administrator. When the tool opens, click Yes to the disclaimer.
  • Ensure that the following is ticked:

shortcut.txt

  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.

Step 2

Re-run AdwCleaner

Close all open windows and browsers.

  • Right click the AdwCleaner icon, click Run as administrator and accept the UAC prompt to run AdwCleaner.
  • Click the Scan button and wait for the scan to complete.
  • When the Scan has finished the Scan button will be grayed out and the Clean button will be activated.
  • Click the Clean button.
  • Everything checked will be deleted.
  • When the program has finished cleaning a report appears.
  • Once done it will ask to reboot, allow this.
  • On reboot a log will be produced; please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt

Step 3

Farbar Service Scanner


Please download Farbar Service Scanner and save it to your Desktop.

  • Right click FSS.exe and select Run As Administrator.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Items I need to see in your next post:

  • Was FRST fix run twice
  • New FRST log
  • ADWcleaner clean report
  • FSS log


#9
jt4211

    Member

  • Topic Starter
  • Member
  • 39 posts

Ruggie - Sorry, FRST was run twice - didn't see your amended fixlist.txt file until after I ran it initially.  New log files are as follows:

 

FRST / SHORTCUT LOGS:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-11-2014 02
Ran by TeamTkac (administrator) on TEAMTKAC-PC on 13-11-2014 19:02:29
Running from C:\Users\TeamTkac\Desktop\VirusMalware Removal
Loaded Profile: TeamTkac (Available profiles: TeamTkac)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Google Inc.) C:\Users\TeamTkac\AppData\Local\Google\Update\GoogleUpdate.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_223_ActiveX.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-23] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-06-30] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [YMailAdvisor] => C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe [174424 2009-05-08] (Yahoo! Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-29] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-563202287-1717114301-743867805-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-07-10] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-563202287-1717114301-743867805-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-10-13] (Glarysoft Ltd)
HKU\S-1-5-21-563202287-1717114301-743867805-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-07-14] (Google Inc.)
HKU\S-1-5-21-563202287-1717114301-743867805-1000\...\Run: [Google Update] => C:\Users\TeamTkac\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-11-11] (Google Inc.)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-07-10] (Garmin Ltd or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
BootExecute: autocheck autochk *  BootDefrag.exeaswBoot.exe /M:36ed1337 /wow /dir:C:\Program

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKU\S-1-5-21-563202287-1717114301-743867805-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-563202287-1717114301-743867805-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.11.0.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75

FireFox:
========
FF ProfilePath: C:\Users\TeamTkac\AppData\Roaming\Mozilla\Firefox\Profiles\hznau090.default
FF DefaultSearchUrl: https://www.google.com/search
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: https://www.google.com/search
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-563202287-1717114301-743867805-1000: @tools.google.com/Google Update;version=3 -> C:\Users\TeamTkac\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-563202287-1717114301-743867805-1000: @tools.google.com/Google Update;version=9 -> C:\Users\TeamTkac\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF Extension: MEGA - C:\Users\TeamTkac\AppData\Roaming\Mozilla\Firefox\Profiles\hznau090.default\Extensions\[email protected] [2013-11-27]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-11-26]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-06-02]

Chrome:
=======
CHR Profile: C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-12]
CHR Extension: (Avast Online Security) - C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-09]
CHR Extension: (Google Wallet) - C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [105120 2011-09-16] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-07] (AVAST Software)
R3 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438104 2014-07-10] (Garmin Ltd or its subsidiaries)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-23] (NTI Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474168 2012-04-22] (Sony Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-10] (Atheros) [File not signed]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-07] ()
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-07-01] (Glarysoft Ltd)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2014-10-16] (Glarysoft Ltd)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
S3 mmpDrv; C:\Windows\system32\Drivers\mmpDrv.sys [21008 2012-10-18] (<company name here>)
S3 mmpguidrv; C:\Windows\system32\Drivers\MmpGuiDrv.sys [12304 2012-10-18] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-12 20:19 - 2014-11-12 20:19 - 00000000 __SHD () C:\Users\TeamTkac\AppData\Local\EmieBrowserModeList
2014-11-12 18:44 - 2014-11-12 18:44 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-11-12 18:44 - 2014-11-12 18:44 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-11-11 19:43 - 2014-11-11 19:43 - 00008040 _____ () C:\Users\TeamTkac\Desktop\AdwCleaner[R0].txt
2014-11-11 19:39 - 2014-11-11 19:40 - 00000000 ____D () C:\AdwCleaner
2014-11-11 19:22 - 2014-11-11 19:22 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-11-11 19:22 - 2014-11-11 19:22 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-11-11 19:15 - 2014-10-17 21:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 19:15 - 2014-10-17 20:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-11 19:11 - 2014-11-07 14:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-11 19:11 - 2014-11-07 14:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-11 19:11 - 2014-11-05 23:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 19:11 - 2014-11-05 23:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 19:11 - 2014-11-05 23:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-11 19:11 - 2014-11-05 22:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-11 19:11 - 2014-11-05 22:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 19:11 - 2014-11-05 22:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-11 19:11 - 2014-11-05 22:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-11 19:11 - 2014-11-05 22:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 19:11 - 2014-11-05 22:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 19:11 - 2014-11-05 22:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-11 19:11 - 2014-11-05 22:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 19:11 - 2014-11-05 22:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 19:11 - 2014-11-05 22:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-11 19:11 - 2014-11-05 22:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-11 19:11 - 2014-11-05 22:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-11 19:11 - 2014-11-05 22:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 19:11 - 2014-11-05 22:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-11 19:11 - 2014-11-05 22:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 19:11 - 2014-11-05 22:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-11 19:11 - 2014-11-05 22:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-11 19:11 - 2014-11-05 22:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-11 19:11 - 2014-11-05 22:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-11 19:11 - 2014-11-05 22:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-11 19:11 - 2014-11-05 22:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 19:11 - 2014-11-05 22:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-11 19:11 - 2014-11-05 22:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-11 19:11 - 2014-11-05 22:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-11 19:11 - 2014-11-05 22:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-11 19:11 - 2014-11-05 22:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-11 19:11 - 2014-11-05 22:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 19:11 - 2014-11-05 21:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-11 19:11 - 2014-11-05 21:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-11 19:11 - 2014-11-05 21:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 19:11 - 2014-11-05 21:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-11 19:11 - 2014-11-05 21:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 19:11 - 2014-11-05 21:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 19:11 - 2014-11-05 21:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-11 19:11 - 2014-11-05 21:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-11 19:11 - 2014-11-05 21:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 19:11 - 2014-11-05 21:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-11 19:11 - 2014-11-05 21:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-11 19:11 - 2014-11-05 21:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-11 19:11 - 2014-11-05 21:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 19:11 - 2014-11-05 21:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-11 19:11 - 2014-11-05 21:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-11 19:11 - 2014-11-05 21:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-11 19:11 - 2014-11-05 21:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-11 19:11 - 2014-11-05 21:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 19:11 - 2014-11-05 21:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 19:11 - 2014-11-05 21:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-11 19:11 - 2014-11-05 20:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-11 19:11 - 2014-11-05 20:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-11 19:11 - 2014-11-05 20:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-11 19:11 - 2014-11-05 20:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-11 19:11 - 2014-11-05 12:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-11 19:11 - 2014-11-05 12:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-11 19:11 - 2014-11-05 12:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 19:11 - 2014-10-13 21:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 19:11 - 2014-10-13 21:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 19:11 - 2014-10-13 21:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 19:11 - 2014-10-13 21:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 19:11 - 2014-10-13 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 19:11 - 2014-10-13 20:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-11 19:11 - 2014-10-13 20:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-11 19:11 - 2014-10-13 20:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-11 19:11 - 2014-10-13 20:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-11 19:11 - 2014-08-21 01:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 19:11 - 2014-08-21 01:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 19:11 - 2014-08-21 01:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-11 19:11 - 2014-08-21 01:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-11 19:10 - 2014-10-24 20:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 19:10 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-11 19:10 - 2014-10-13 21:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 19:10 - 2014-10-13 20:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-11 19:10 - 2014-10-09 19:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 19:10 - 2014-10-02 21:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 19:10 - 2014-10-02 21:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 19:10 - 2014-10-02 21:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 19:10 - 2014-10-02 21:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 19:10 - 2014-10-02 21:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 19:10 - 2014-10-02 20:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-11 19:10 - 2014-10-02 20:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-11 19:10 - 2014-10-02 20:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-11 19:10 - 2014-09-19 04:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-11 19:10 - 2014-09-19 04:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 19:10 - 2014-09-19 04:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 19:10 - 2014-09-19 04:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 19:10 - 2014-09-19 04:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 19:10 - 2014-09-19 04:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 19:10 - 2014-09-19 04:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 19:10 - 2014-09-19 04:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-11 19:10 - 2014-09-19 04:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-11 19:10 - 2014-09-19 04:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-11 19:10 - 2014-09-19 04:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-11 19:10 - 2014-09-19 04:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-11 19:10 - 2014-09-19 04:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-11 19:10 - 2014-09-19 04:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-11 19:10 - 2014-08-11 21:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 19:10 - 2014-08-11 20:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-10 21:49 - 2014-11-10 21:49 - 00032702 _____ () C:\ComboFix.txt
2014-11-10 21:29 - 2014-11-10 21:50 - 00000000 ____D () C:\ComboFix
2014-11-10 18:01 - 2014-11-13 19:02 - 00000000 ____D () C:\FRST
2014-11-09 19:58 - 2014-11-13 19:02 - 00000000 ____D () C:\Users\TeamTkac\Desktop\VirusMalware Removal
2014-11-09 19:55 - 2014-11-09 19:55 - 00000000 ____D () C:\Windows\ERUNT
2014-11-09 18:36 - 2014-11-09 18:36 - 825216613 _____ () C:\Windows\MEMORY.DMP
2014-11-09 18:36 - 2014-11-09 18:36 - 00266288 _____ () C:\Windows\Minidump\110914-21044-01.dmp
2014-11-09 17:21 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-09 17:21 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-09 17:21 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-09 17:21 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-09 17:21 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-09 17:21 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-09 17:21 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-09 17:21 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-09 17:16 - 2014-11-10 21:49 - 00000000 ____D () C:\Qoobox
2014-11-09 17:15 - 2014-11-09 17:43 - 00000000 ____D () C:\Windows\erdnt
2014-11-09 11:32 - 2014-11-09 16:11 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-11-03 16:50 - 2014-11-03 16:46 - 00002128 ____N () C:\Users\TeamTkac\Desktop\gps.conf
2014-11-03 07:47 - 2014-09-18 15:47 - 00003218 _____ () C:\Users\TeamTkac\Desktop\gpsbu.conf
2014-11-02 11:28 - 2014-11-09 12:14 - 00000000 ___SD () C:\Users\TeamTkac\Documents\My Data Sources
2014-10-29 18:12 - 2014-11-12 19:10 - 00010874 _____ () C:\Windows\PFRO.log
2014-10-24 07:56 - 2014-10-24 07:58 - 1763672496 _____ () C:\Users\TeamTkac\Downloads\CarHDRom_V.32S.1_GT-I9505_GNH8.zip
2014-10-24 07:46 - 2014-10-24 07:46 - 345285360 _____ () C:\Users\TeamTkac\Downloads\ADDITIONAL-APPS_V.31.zip
2014-10-17 11:29 - 2014-11-13 18:44 - 00002240 _____ () C:\Windows\setupact.log
2014-10-17 11:29 - 2014-10-17 11:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-16 05:28 - 2014-10-16 05:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-16 05:28 - 2014-10-16 05:27 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-16 05:28 - 2014-10-16 05:27 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-16 05:28 - 2014-10-16 05:27 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-16 05:28 - 2014-10-16 05:27 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-16 05:22 - 2014-11-09 12:14 - 00000000 ____D () C:\Users\TeamTkac\Desktop\ultradefrag-portable-6.0.2.amd64
2014-10-15 05:12 - 2014-08-18 22:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 05:12 - 2014-08-18 22:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 05:12 - 2014-08-18 22:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 05:12 - 2014-08-18 22:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 05:12 - 2014-08-18 22:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 05:12 - 2014-08-18 22:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 05:12 - 2014-08-18 22:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 05:12 - 2014-08-18 22:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 05:12 - 2014-08-18 22:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 05:12 - 2014-08-18 22:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 05:12 - 2014-08-18 21:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 05:12 - 2014-08-18 21:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 05:12 - 2014-08-18 21:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 05:12 - 2014-07-06 21:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 05:12 - 2014-07-06 21:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 05:12 - 2014-07-06 21:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 05:12 - 2014-07-06 21:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 05:12 - 2014-07-06 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 05:12 - 2014-07-06 21:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 05:12 - 2014-07-06 21:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 05:12 - 2014-07-06 21:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 05:12 - 2014-07-06 21:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 05:12 - 2014-07-06 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 05:12 - 2014-07-06 20:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 05:12 - 2014-07-06 20:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 05:12 - 2014-07-06 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 05:12 - 2014-07-06 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 05:12 - 2014-07-06 20:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 05:12 - 2014-07-06 20:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 05:12 - 2014-07-06 20:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 05:12 - 2014-07-06 20:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 05:12 - 2014-07-06 20:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 05:12 - 2014-07-06 20:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 05:12 - 2014-06-27 19:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 05:12 - 2014-06-27 19:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 05:12 - 2014-06-27 19:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 05:12 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 05:12 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 05:12 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 05:12 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 05:12 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 05:12 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 05:11 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 05:11 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 05:11 - 2014-08-28 21:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 05:10 - 2014-09-04 21:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 05:10 - 2014-09-04 20:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 05:10 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 05:10 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 05:10 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 05:10 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 05:10 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 05:10 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-13 18:55 - 2014-05-18 09:10 - 00000338 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-11-13 18:55 - 2014-05-18 09:10 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-11-13 18:55 - 2011-10-07 19:44 - 01489638 _____ () C:\Windows\WindowsUpdate.log
2014-11-13 18:54 - 2011-11-26 17:46 - 00000000 ____D () C:\ProgramData\clear.fi
2014-11-13 18:51 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-13 18:51 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-13 18:46 - 2014-10-12 13:56 - 00003490 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-11-13 18:44 - 2013-04-05 18:57 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-11-13 18:44 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-13 18:42 - 2014-04-06 16:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-13 18:42 - 2012-10-07 14:02 - 00000330 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2014-11-13 18:42 - 2011-11-26 18:12 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-563202287-1717114301-743867805-1000UA.job
2014-11-13 10:29 - 2009-07-14 00:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-13 08:59 - 2012-07-07 20:58 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-12 20:04 - 2011-11-26 18:12 - 00000868 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-563202287-1717114301-743867805-1000Core.job
2014-11-12 19:11 - 2009-07-13 23:45 - 00436368 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 19:09 - 2014-05-07 13:37 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 18:53 - 2013-06-09 07:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-11-12 18:52 - 2012-04-28 06:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 18:42 - 2009-07-13 21:34 - 00000545 _____ () C:\Windows\win.ini
2014-11-12 18:38 - 2013-07-21 02:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 18:34 - 2011-11-26 18:30 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 18:32 - 2012-07-14 07:27 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-12 18:32 - 2012-07-14 07:27 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-12 18:32 - 2012-07-14 07:27 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-12 18:32 - 2012-07-14 07:27 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-12 15:39 - 2014-04-06 16:24 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 15:39 - 2014-04-06 16:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 15:39 - 2014-04-06 16:24 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-11 20:05 - 2011-11-26 18:14 - 00002386 _____ () C:\Users\TeamTkac\Desktop\Google Chrome.lnk
2014-11-11 19:59 - 2011-11-26 18:12 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-563202287-1717114301-743867805-1000UA
2014-11-11 19:59 - 2011-11-26 18:12 - 00003500 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-563202287-1717114301-743867805-1000Core
2014-11-11 19:40 - 2011-11-26 18:12 - 00000000 ____D () C:\Users\TeamTkac\AppData\Local\Google
2014-11-11 19:22 - 2013-05-30 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-11 18:57 - 2011-11-26 17:13 - 00000000 ____D () C:\Users\TeamTkac
2014-11-11 18:48 - 2011-08-26 04:28 - 00000000 ____D () C:\Windows\en
2014-11-11 03:33 - 2014-03-21 21:15 - 00000000 ____D () C:\Users\TeamTkac\AppData\Local\Apple
2014-11-11 01:21 - 2013-12-21 07:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 21:53 - 2014-04-10 15:50 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-10 21:42 - 2009-07-13 21:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-09 18:36 - 2013-06-09 07:47 - 00000000 ____D () C:\Windows\Minidump
2014-11-09 17:11 - 2013-05-27 18:50 - 00000000 ____D () C:\Windows\pss
2014-11-09 16:50 - 2011-11-26 18:08 - 00000000 ____D () C:\Users\TeamTkac\AppData\Local\CrashDumps
2014-11-09 12:36 - 2013-01-31 20:24 - 00000000 ___RD () C:\Users\TeamTkac\Dropbox
2014-11-09 12:14 - 2014-05-13 08:14 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Zips
2014-11-09 12:14 - 2014-04-18 03:45 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Trailer Pics
2014-11-09 12:14 - 2013-09-28 07:07 - 00000000 ____D () C:\Users\TeamTkac\Documents\EaseUS Data Recovery Wizard Professional 6.0 + Serial
2014-11-09 12:14 - 2013-07-04 13:44 - 00000000 ____D () C:\Users\TeamTkac\Documents\Garmin
2014-11-09 12:14 - 2013-03-24 14:37 - 00000000 ____D () C:\Users\TeamTkac\Documents\My Scans
2014-11-09 12:13 - 2013-08-05 15:13 - 00000000 ____D () C:\Users\TeamTkac\Desktop\S4 SD Card
2014-11-09 12:13 - 2013-06-11 17:01 - 00000000 ____D () C:\Users\TeamTkac\Desktop\S4TWBlackApks
2014-11-09 12:13 - 2012-05-19 13:11 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Sony Camcorder
2014-11-09 12:11 - 2013-05-27 22:53 - 00000000 ____D () C:\Users\TeamTkac\Desktop\S4 All-In_one
2014-11-09 12:10 - 2013-02-06 17:50 - 00000000 ____D () C:\Users\TeamTkac\Desktop\S4
2014-11-09 11:54 - 2013-09-28 08:08 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Recover
2014-11-09 11:54 - 2013-06-09 06:34 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Office
2014-11-09 11:54 - 2012-11-19 18:11 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Photos
2014-11-09 11:54 - 2012-08-05 12:27 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Paint
2014-11-09 11:54 - 2012-01-10 23:02 - 00000000 ____D () C:\Users\TeamTkac\Desktop\PDFs
2014-11-09 11:52 - 2013-12-06 09:37 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Jeff's backup
2014-11-09 11:39 - 2014-08-02 20:14 - 00000000 ____D () C:\Users\TeamTkac\Desktop\GooseWorks
2014-11-09 11:39 - 2013-05-01 20:58 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Galaxy S4 Root
2014-11-09 11:39 - 2013-03-23 13:54 - 00000000 ____D () C:\Users\TeamTkac\Desktop\audio.htc
2014-11-09 11:39 - 2012-11-01 19:05 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Boston
2014-11-09 11:38 - 2014-04-07 18:38 - 00000000 ____D () C:\Users\TeamTkac\Desktop\audio
2014-11-09 11:38 - 2013-09-28 17:53 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Ashlyn Homecoming
2014-11-09 11:38 - 2012-01-10 23:05 - 00000000 ____D () C:\Users\TeamTkac\Desktop\Ash Senior Pics
2014-11-09 11:36 - 2013-08-24 16:53 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\Mozilla
2014-11-09 11:36 - 2012-10-07 08:03 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\Motive
2014-11-09 11:36 - 2012-06-24 07:49 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\Skype
2014-11-09 11:36 - 2012-05-19 13:15 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\Sony Corporation
2014-11-09 11:35 - 2013-08-24 16:53 - 00000000 ____D () C:\Users\TeamTkac\AppData\Local\Mozilla
2014-11-09 11:35 - 2013-05-28 06:56 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\Glarysoft
2014-11-09 11:35 - 2013-01-31 20:21 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\Dropbox
2014-11-09 11:35 - 2013-01-13 07:41 - 00000000 ____D () C:\Users\TeamTkac\AppData\Local\Apple Computer
2014-11-09 11:35 - 2012-11-27 22:35 - 00000000 ____D () C:\ProgramData\Garmin
2014-11-09 11:35 - 2012-11-27 19:28 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\Garmin
2014-11-09 11:35 - 2012-10-07 14:02 - 00000000 ____D () C:\ProgramData\Visan
2014-11-09 11:35 - 2012-10-07 13:52 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2014-11-09 11:35 - 2012-04-28 06:31 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\HP
2014-11-09 11:35 - 2012-04-28 06:20 - 00000000 ____D () C:\ProgramData\HP
2014-11-09 11:35 - 2011-11-26 17:46 - 00000000 ____D () C:\Users\TeamTkac\AppData\Local\Cyberlink
2014-11-09 11:35 - 2011-11-26 17:14 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\Adobe
2014-11-09 11:35 - 2011-11-26 17:14 - 00000000 ____D () C:\Users\TeamTkac\AppData\Local\PowerCinema
2014-11-09 11:34 - 2011-08-26 04:26 - 00000000 ____D () C:\ProgramData\Acer
2014-11-08 21:31 - 2011-08-26 04:29 - 00000000 ____D () C:\ProgramData\EgisTec IPS
2014-11-08 21:16 - 2011-08-26 04:20 - 00000000 ____D () C:\Program Files (x86)\Acer Games
2014-11-08 21:16 - 2009-07-14 00:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-08 21:13 - 2012-09-16 21:27 - 00000000 ____D () C:\Galaxy Nexus ToolKit
2014-11-08 21:12 - 2013-07-25 19:26 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\WildTangent
2014-11-08 21:12 - 2011-08-26 04:20 - 00000000 ____D () C:\ProgramData\WildTangent
2014-11-08 21:09 - 2011-08-26 04:32 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-08 20:55 - 2012-07-14 07:27 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-08 20:19 - 2014-03-16 08:17 - 00000000 ____D () C:\ProgramData\bef0c90608e9258d
2014-11-08 20:12 - 2012-07-14 07:27 - 00000000 ____D () C:\ProgramData\Google
2014-11-08 20:04 - 2014-03-16 08:16 - 00000000 ____D () C:\ProgramData\InstallMate
2014-11-08 20:04 - 2013-01-13 07:38 - 00000000 ____D () C:\ProgramData\Apple
2014-11-08 20:04 - 2011-10-07 20:11 - 00000000 ____D () C:\ProgramData\CyberLink
2014-11-08 20:01 - 2013-08-23 13:40 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2014-10-29 18:24 - 2014-01-29 19:54 - 00000000 ____D () C:\Users\TeamTkac\AppData\Roaming\Samsung
2014-10-29 18:24 - 2014-01-29 19:54 - 00000000 ____D () C:\Users\TeamTkac\AppData\Local\Samsung
2014-10-29 18:24 - 2011-11-27 02:09 - 00000000 ____D () C:\ProgramData\Samsung
2014-10-29 18:24 - 2011-08-26 04:04 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-29 18:09 - 2014-03-29 13:16 - 00000000 ____D () C:\Users\TeamTkac\AppData\Local\Packages
2014-10-29 18:09 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Globalization
2014-10-29 17:20 - 2014-04-10 15:50 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-29 17:20 - 2014-04-10 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-29 17:20 - 2014-04-10 15:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-28 05:34 - 2010-11-20 22:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-16 07:37 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 05:50 - 2014-05-18 09:10 - 00002984 _____ () C:\Windows\System32\Tasks\GU5SkipUAC
2014-10-16 05:50 - 2014-05-18 09:10 - 00002646 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2014-10-16 05:50 - 2014-05-18 09:10 - 00001056 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-10-16 05:50 - 2014-05-18 09:10 - 00001044 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-10-16 05:19 - 2014-05-18 09:10 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2014-10-16 05:15 - 2011-11-26 17:14 - 00114240 _____ () C:\Users\TeamTkac\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-16 05:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 05:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-14 17:56 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-05 04:33

==================== End Of Log ============================

Users shortcut scan result (x64) Version: 13-11-2014 02
Ran by TeamTkac at 2014-11-13 19:03:23
Running from C:\Users\TeamTkac\Desktop\VirusMalware Removal
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk -> C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (Glarysoft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home.lnk -> C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Times Reader.lnk -> C:\Program Files (x86)\Times Reader\Times Reader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraDefrag.lnk -> C:\Program Files\UltraDefrag\ultradefrag.exe (UltraDefrag Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Mesh.lnk -> C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Writer.lnk -> C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe (Microsoft Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\About QuickTime.lnk -> C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\RichText.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\PictureViewer.lnk -> C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\PictureViewer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\QTPlayer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home\PlayMemories Home Settings Initialization Tool.lnk -> C:\Program Files (x86)\Sony\PlayMemories Home\PMBInit.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home\PlayMemories Home.lnk -> C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Picasa 3.lnk -> C:\Program Files (x86)\Google\Picasa3\Picasa3.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Uninstall.lnk -> C:\Program Files (x86)\Google\Picasa3\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ocean Adventure Aquarium Animated Wallpaper\Start Ocean Adventure Aquarium Animated Wallpaper.lnk -> C:\Program Files (x86)\DesktopAnimated\Ocean Adventure Aquarium Animated Wallpaper\Ocean Adventure Aquarium.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ocean Adventure Aquarium Animated Wallpaper\Uninstall Ocean Adventure Aquarium Animated Wallpaper.lnk -> C:\Program Files (x86)\DesktopAnimated\Ocean Adventure Aquarium Animated Wallpaper\Uninstall Ocean Adventure Aquarium Animated Wallpaper.exe (DesktopAnimated.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9\NTI Media Maker 9.lnk -> C:\Program Files (x86)\NTI\NTI Media Maker 9\LauncherLoader.exe (NTI Corporation.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec\1.0b beta\Uninstall.lnk -> C:\Program Files (x86)\MyFree Codec\1.0b beta\uninstall.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniAide Fat32 Formatter Home Edition\MiniAide Fat32 Formatter Home Edition 1.05.lnk -> C:\Program Files (x86)\MiniAide Fat32 Formatter Home Edition\MiniAideFat32Formatter.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniAide Fat32 Formatter Home Edition\Uninstall MiniAide Fat32 Formatter Home Edition.lnk -> C:\Program Files (x86)\MiniAide Fat32 Formatter Home Edition\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\inficon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\grv_icons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Send to OneNote 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Database Compare 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\dbcicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Lync Recording Manager.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Language Preferences.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Upload Center.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\msouc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Spreadsheet Compare 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\sscicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Dashboard for Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmadminicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Log for Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmclienticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\About iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.Resources\en.lproj\About iTunes.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel Control Center.lnk -> C:\Program Files (x86)\Intel\Intel Control Center\IntelControlCenter.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel® Rapid Storage Technology.lnk -> C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel® Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Solution Center.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Update.lnk -> C:\Program Files (x86)\HP\HP Software Update\hpwucli.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart Premium C309g-m\Product Support Website.lnk -> C:\Program Files (x86)\HP\Digital Imaging\HP Photosmart Premium C309g-m\help\HP Product Support Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart Premium C309g-m\Readme.lnk -> C:\Program Files (x86)\HP\Digital Imaging\help\PS_AIO_06_C309g-m_readme\readme.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Smart Web Printing\HP Smart Web Printing Help.lnk -> C:\Program Files (x86)\HP\Digital Imaging\smart web printing\Help\hpsmartprint.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photo Creations\HP Photo Creations.lnk -> C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe (Visan / RocketLife)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photo Creations\Uninstall HP Photo Creations.lnk -> C:\Program Files (x86)\HP Photo Creations\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5\Glary Utilities 5.lnk -> C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (Glarysoft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5\Uninstall.lnk -> C:\Program Files (x86)\Glary Utilities 5\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5\Website.lnk -> C:\Program Files (x86)\Glary Utilities 5\Glary Utilities 5.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\Express.lnk -> C:\Program Files (x86)\Garmin\Express\Express.exe (Garmin)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\Garmin Express.lnk -> C:\Program Files (x86)\Garmin\Express\Express.exe (Garmin)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec\MyWinLocker.lnk -> C:\Program Files (x86)\EgisTec MyWinLocker\EgisMgtConsole.exe (Egis Technology Inc. )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 6.0\EaseUS Data Recovery Wizard 6.0 .lnk -> C:\Program Files (x86)\EaseUS\EaseUS Data Recovery Wizard\DRW.exe (CHENGDU YIWO Tech Development Co., Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 6.0\EaseUS Data Recovery Wizard Help.lnk -> C:\Program Files (x86)\EaseUS\EaseUS Data Recovery Wizard\drw.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 6.0\Uninstall EaseUS Data Recovery Wizard 6.0 .lnk -> C:\Program Files (x86)\EaseUS\EaseUS Data Recovery Wizard\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby\Dolby Advanced Audio Demo.lnk -> C:\Dolby PCEE4\pcee4d.exe (Dolby Laboratories Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby\Dolby Advanced Audio.lnk -> C:\Dolby PCEE4\pcee4l.exe (Dolby Laboratories Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clear.fi\clear.fi Share Setting.lnk -> C:\Program Files (x86)\Acer\clear.fi Client\MediaSharingSetting.exe (Acer Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clear.fi\clear.fi.lnk -> C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program\Bluetooth Devices.lnk -> C:\Windows\System32\bthprops.cpl (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AUPEO!\AUPEO!.lnk -> C:\Program Files\Preload\AUPEO\AupeoSetup.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools\AVD Manager.lnk -> C:\android-sdk-windows\AVD Manager.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools\SDK Manager.lnk -> C:\android-sdk-windows\SDK Manager.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools\Uninstall Android SDK Tools.lnk -> C:\android-sdk-windows\uninstall.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem\AcerSystem User Guide.lnk -> C:\book\Generic_User_Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem\AcerSystem User Quick Guide.lnk -> C:\Book\Quick Guide.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam\Acer Crystal Eye Webcam.lnk -> C:\Program Files (x86)\Acer\Acer Crystal Eye Webcam\WebCam.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Backup Manager\Acer Backup Manager.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe (NTI Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer eRecovery Management.lnk -> C:\Program Files\Acer\Acer eRecovery Management\Recovery Management.exe (Acer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Updater.lnk -> C:\Program Files\Acer\Acer Updater\ALU.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Welcome Center.lnk -> C:\Program Files (x86)\Acer\Welcome Center\OEMWelcomeCenter.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Bluetooth File Transfer Wizard.lnk -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files (x86)\7-Zip\7zFM.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files (x86)\7-Zip\7-zip.chm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Phone Flash\Samsung\SWUpgrade.lnk -> C:\Program Files (x86)\Samsung Electronics\SWUpgrade\Upgrade.exe ()
Shortcut: C:\ProgramData\Intel\ExtremeGraphics\CUI\Resource\Intel® HD Graphics.lnk -> C:\Windows\System32\GfxUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\CyberLink\PowerCinema\Extension\Extension.1.0.lnk -> C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\Highlight\Extension.1.0\Extension.1.0.xml ()
Shortcut: C:\Users\Default\Links\SkyDrive.lnk -> C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk -> C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Adobe Reader X.lnk -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\avast! Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
Shortcut: C:\Users\Public\Desktop\clear.fi.lnk -> C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe (Acer Incorporated)
Shortcut: C:\Users\Public\Desktop\EaseUS Data Recovery Wizard 6.0 .lnk -> C:\Program Files (x86)\EaseUS\EaseUS Data Recovery Wizard\DRW.exe (CHENGDU YIWO Tech Development Co., Ltd)
Shortcut: C:\Users\Public\Desktop\Glary Utilities 5.lnk -> C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (Glarysoft Ltd)
Shortcut: C:\Users\Public\Desktop\Google Earth.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google)
Shortcut: C:\Users\Public\Desktop\HP Solution Center.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe (Hewlett-Packard Company)
Shortcut: C:\Users\Public\Desktop\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\MiniAide Fat32 Formatter Home Edition 1.05.lnk -> C:\Program Files (x86)\MiniAide Fat32 Formatter Home Edition\MiniAideFat32Formatter.exe ()
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Picasa 3.lnk -> C:\Program Files (x86)\Google\Picasa3\Picasa3.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\PlayMemories Home.lnk -> C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe (Sony Corporation)
Shortcut: C:\Users\Public\Desktop\QuickTime Player.lnk -> C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe ()
Shortcut: C:\Users\Public\Desktop\SWUpgrade.lnk -> C:\Program Files (x86)\Samsung Electronics\SWUpgrade\Upgrade.exe ()
Shortcut: C:\Users\Public\Desktop\UltraDefrag.lnk -> C:\Program Files\UltraDefrag\ultradefrag.exe (UltraDefrag Development Team)
Shortcut: C:\Users\TeamTkac\Links\Desktop.lnk -> C:\Users\TeamTkac\Desktop ()
Shortcut: C:\Users\TeamTkac\Links\Downloads.lnk -> C:\Users\TeamTkac\Downloads ()
Shortcut: C:\Users\TeamTkac\Links\Dropbox.lnk -> C:\Users\TeamTkac\Dropbox ()
Shortcut: C:\Users\TeamTkac\Links\SkyDrive.lnk -> C:\Users\TeamTkac\SkyDrive ()
Shortcut: C:\Users\TeamTkac\Desktop\Excel 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\Users\TeamTkac\Desktop\Google Chrome.lnk -> C:\Users\TeamTkac\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\TeamTkac\Desktop\Word 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\Users\TeamTkac\Desktop\Paint\HP Photo Creations.lnk -> C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe (Visan / RocketLife)
Shortcut: C:\Users\TeamTkac\Desktop\HP Printer\HP Print and Scan Doctor.lnk -> C:\Program Files (x86)\HP\Diagnostics\PSDR\HPPSDr.exe ()
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk -> C:\Users\TeamTkac\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Users\TeamTkac\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk -> C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe (Dropbox, Inc.)
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox.lnk -> C:\Users\TeamTkac\Dropbox ()
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 5.lnk -> C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (Glarysoft Ltd)
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Users\TeamTkac\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\UltraDefrag.lnk -> C:\Program Files\UltraDefrag\ultradefrag.exe (UltraDefrag Development Team)
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Users\TeamTkac\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\PlayMemories Home.lnk -> C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe (Sony Corporation)
Shortcut: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\UltraDefrag.lnk -> C:\Program Files\UltraDefrag\ultradefrag.exe (UltraDefrag Development Team)

ShortcutWithArgument: C:\Users\Public\Desktop\Netflix.lnk -> C:\ProgramData\OEM_E471269A730D\Netflix\StartURL.exe () -> hxxp://homepage.acer.com/redirect.aspx?rid=09000001

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Uninstall QuickTime.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {B67BAFBA-4C9F-48FA-9496-933E3B255044} /qf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home\PlayMemories Home Help.lnk -> C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe (Sony Corporation) -> /Help
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Configure Picasa Photo Viewer.lnk -> C:\Program Files (x86)\Google\Picasa3\PicasaPhotoViewer.exe (Google Inc.) -> /reconfig
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\inficon.exe () ->  /design
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart Premium C309g-m\Add A Device.lnk -> C:\Program Files (x86)\HP\Digital Imaging\{CCD42CCF-9AFF-4BC5-862A-38CCD3C8E8F8}\hpzstub.exe (Hewlett-Packard) -> -addadevice
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart Premium C309g-m\Help.lnk -> C:\Program Files (x86)\HP\Digital Imaging\HelpViewer\hpqhvshm.exe (Hewlett-Packard Company) -> /product-class=HP Photosmart Premium C309g-m /lang=1033
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart Premium C309g-m\Product Registration.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe (Hewlett-Packard Company) -> "HP Photosmart Premium C309g-m"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart Premium C309g-m\Uninstall.lnk -> C:\Program Files (x86)\HP\Digital Imaging\{CCD42CCF-9AFF-4BC5-862A-38CCD3C8E8F8}\setup\hpzscr40.exe (Hewlett-Packard) -> -datfile hposcr41.dat -onestop -forcereboot
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart Premium C309g-m\USB to Wireless.lnk -> C:\Program Files (x86)\HP\Digital Imaging\{CCD42CCF-9AFF-4BC5-862A-38CCD3C8E8F8}\hpzstub.exe (Hewlett-Packard) -> -addadevice -usbtowireless
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter\Media Splitter Settings.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> splitter.ax,Configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Start Google Earth in DirectX mode.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google) -> -setDX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Start Google Earth in OpenGL mode.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google) -> -setOGL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Uninstall Google Earth .lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_document
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_spreadsheet
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_presentation
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec\Shredder.lnk -> C:\Program Files (x86)\EgisTec Shredder\x86\ShredConsole.exe (Egis Technology Inc.) -> -s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program\Uninstall Bluetooth Suite.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {230D1595-57DA-4933-8C4E-375797EBB7E1}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Identity Card.lnk -> C:\Program Files (x86)\Acer\Identity Card\IdentityCard.exe (Acer Incoperated) -> Identity Card
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Public\Desktop\clear.fi Tutorial.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> "c:\Users\Public\Videos\clear.fi_tutorial.wmv" /fullscreen
ShortcutWithArgument: C:\Users\TeamTkac\Desktop\Dropbox.lnk -> C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Word\August%20invoice304026573758312393\August%20invoice.doc.lnk -> C:\Users\TeamTkac\Desktop\GooseWorks\August invoice.doc () -> 12
ShortcutWithArgument: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Users\TeamTkac\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniAide Fat32 Formatter Home Edition\MiniAide Fat32 Formatter Home Edition Help.url -> hxxp://www.fat-32-formatter.com/category/online-help?ref=MenuFat32Formatter
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniAide Fat32 Formatter Home Edition\MiniAide Fat32 Formatter Home Edition on the Web.url -> hxxp://www.fat-32-formatter.com/?ref=MenuFat32Formatter
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 6.0\Visit EaseUS on the Web.url -> hxxp://www.easeus.com/
InternetURL: C:\Users\TeamTkac\Favorites\Cowboy Steak Chili In A Crock Pot Recipe - Food.com.url -> hxxp://www.food.com/recipe/cowboy-steak-chili-in-a-crock-pot-289271
InternetURL: C:\Users\TeamTkac\Favorites\Free Cell Phones with New Cell Phone Plans - Shop Deals from Wireless Carriers - Wirefly.com.url -> hxxp://www.wirefly.com/?referringdomain=wirefly
InternetURL: C:\Users\TeamTkac\Favorites\Watches\Seiko 5 Sports Automatic Monster Diver SRP307J.url -> hxxp://www.creationwatches.com/products/seiko-automatic-watches-69/seiko-japan-made-automatic-monster-diver-srp307j-srp307-3627.html
InternetURL: C:\Users\TeamTkac\Favorites\Watches\SRP307J1 SRP307 Seiko 5 Sports Monster Automatic Divers Watch.url -> hxxp://www.sports-watch-store.com/srp307j1-srp307-seiko-5-sports-monster-automatic-divers-watch/?utm_source=googlepepla&utm_medium=adwords&id=80823774171
InternetURL: C:\Users\TeamTkac\Favorites\VirusRemoval\Malware Removal Forum Recommendations  Norton Community.url -> https://community.no...recommendations
InternetURL: C:\Users\TeamTkac\Favorites\VirusRemoval\Please help me clean this desktop! - Virus, Spyware, Malware Removal.url -> hxxp://www.geekstogo.com/forum/topic/344743-please-help-me-clean-this-desktop/
InternetURL: C:\Users\TeamTkac\Favorites\Sleddogs\Hands on Learning at Michigan Symposium – Iditarod.url -> hxxp://iditarod.com/zuma/hands-on-learning-at-michigan-symposium/
InternetURL: C:\Users\TeamTkac\Favorites\Scrubs\ASICS GEL-Cumulus® 15 White-Black-Royal - Zappos.com Free Shipping BOTH Ways.url -> hxxp://www.zappos.com/asics-gel-cumulus-15-white-black-royal?channel=135&mr:referralID=cdc262b0-effb-11e2-a969-001b2166c2c0
InternetURL: C:\Users\TeamTkac\Favorites\Scrubs\http--www.shopariaapparel.com-UMSS.cfmpage=page-index.cfm&template_code=Cart.do&area=store.url -> hxxp://www.shopariaapparel.com/UMSS.cfm?page=page-index.cfm&template_code=Cart.do&area=store
InternetURL: C:\Users\TeamTkac\Favorites\Scrubs\Landau Uniform Scrubs-Landau Scrubs Landau Lab Coats Landau Shoes.url -> hxxp://garffscrubs.com/
InternetURL: C:\Users\TeamTkac\Favorites\Scrubs\Landau Uniforms  Men's Cargo Pant  Pants  Aria Apparel  8555.url -> hxxp://www.shopariaapparel.com/Men%27s-Cargo-Pant.19047.1842.1.htm?UMParent=34
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\AHBA.url -> hxxp://www.ahba-herding.org/MainPage.php?AreaName=EventsCalendar
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\All Butter Crust for Sweet and Savory Pies (Pâte Brisée) Recipe  Simply Recipes.url -> hxxp://www.simplyrecipes.com/recipes/all_butter_crust_for_sweet_and_savory_pies_pate_brisee/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Animal Behavior Associates, Inc. - Pet Behavior Wellness Experts.url -> hxxp://www.animalbehaviorassociates.com/index.html
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Assembly  SimplePart.url -> hxxp://www.tonkinonlineparts.com/showAssembly.aspx?ukey_assembly=808171
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Better Dog  Echo Dogs White Shepherd Rescue.url -> hxxp://www.cafepress.com/echodogsrescue/2875735
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Biscuit Recipes - Homemade Biscuits Recipe.url -> hxxp://oldfashionedliving.com/biscuits.html
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Cool Running  Beginner Half Marathon Program.url -> hxxp://www.coolrunning.com/engine/2/2_4/134.shtml
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Dog Kennels, Dog Pens, Flooring, Kennel Roofing and Insulated Dog Houses by Options Plus Dog Kennels..url -> hxxp://www.optionspluskennels.com/index.html
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\DogAware.com Articles Heartworm Prevention in Dogs.url -> hxxp://dogaware.com/articles/wdjheartwormprevention.html
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\DoggieDrawings.net  Free Downloads (Donations welcome).url -> hxxp://www.doggiedrawings.net/#!freeposters/ckm8
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\DogTrialEntry.com  a Participant Events partnership.url -> hxxp://www.dogtrialentry.com/@USBCHA_SheepList.php
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\DPX500BT-DPX300U.url -> hxxp://manual.kenwood.com/ce/im369/NorthAmerica/English(en)/IM369_13-2DIN_K_r1-59.html
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Easy Cinnamon Brown Sugar Coffee Cake Recipe  Just A Pinch Recipes.url -> hxxp://www.justapinch.com/recipes/dessert/cake/coffee-cake-easy-cinnamon-brown-sugar.html
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\eggbeater pie!.url -> hxxp://eggbeater.typepad.com/shuna/2005/06/pie.html
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Eye Of Round Roast Recipe - Food.com - 152948.url -> hxxp://www.food.com/recipe/eye-of-round-roast-152948
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Fall-Apart-Tender Slow-Roast Pork recipe.url -> hxxp://www.ochef.com/r49.htm
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Farm Fresh Stories.url -> hxxp://www.farmfreshforensics.com/farm_blog
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Fluffy Biscuits Recipe - Allrecipes.com.url -> hxxp://allrecipes.com/recipe/fluffy-biscuits/detail.aspx
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Fort 2 Base Seek the Challenge!.url -> hxxp://www.fort2base.com/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\General Border Collie Discussion - BC Boards.url -> hxxp://www.bordercollie.org/boards/index.php?showforum=6
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Gorgeous Guineas.url -> hxxp://www.gorgeousguineas.co.uk/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Green Gardens Community Farm  Producing safe, healthy, fresh, local and delicious food with the earth in mind..url -> hxxp://www.greengardensfarm.com/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Healthy Crock Pot Chili Recipe - Low-cholesterol.Food.com - 51526.url -> hxxp://www.food.com/recipe/Healthy-Crock-Pot-Chili-51526
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Home  Certifedhumane.org.url -> hxxp://www.certifiedhumane.org/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Home Dog Training, Puppy Training, Behavior, Electronic Collars.url -> hxxp://www.inhomedogtrainer.com/mp_includes/pages.asp?id=1006
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Homemade Black Bean Burgers  WholeFoodsMarket.com.url -> hxxp://www.wholefoodsmarket.com/recipes/2565
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Homemade Black Bean Veggie Burgers Recipe - Allrecipes.com.url -> hxxp://allrecipes.com/Recipe/Homemade-Black-Bean-Veggie-Burgers/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Homemade Corn Tortillas – Part Two How to Make Masa  CHEESESLAVE.url -> hxxp://www.cheeseslave.com/homemade-corn-tortillas-part-two/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\How to Make Corn Tortillas, Homemade Tortilla Recipe  Simply Recipes.url -> hxxp://www.simplyrecipes.com/recipes/how_to_make_corn_tortillas/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\http--red.food.com-recipe-grilled-chicken-breast-with-creamy-red-pepper-sauce-72069.url -> hxxp://red.food.com/recipe/grilled-chicken-breast-with-creamy-red-pepper-sauce-72069
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Inbox - GM Inside News Forum.url -> hxxp://www.gminsidenews.com/forums/private.php
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Kellogg Community Federal Credit Union - Home.url -> https://www.kelloggc...u.org/home/home
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Mexican Lasagna Recipe  Vegetarian Times.url -> hxxp://www.vegetariantimes.com/recipe/mexican-lasagna/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Moving Comfort  Sports bras for running, yoga, and the gym.url -> hxxp://www.movingcomfort.com/Sports-Bras/sportsbras,default,sc.html
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\My Favorite Turkey Brine  The Pioneer Woman Cooks  Ree Drummond.url -> hxxp://thepioneerwoman.com/cooking/2010/10/my-favorite-turkey-brine/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\New Conversion Vans - Preowned & Used Conversion Van Dealer.url -> hxxp://www.gmcconversionvans.com/index.htm
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\OAKHAVEN LABRADORS - HOME.url -> hxxp://www.oakhavenlabradors.com/home.cfm
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Paleo Diet Lifestyle  paleo diet tips and recipes.url -> hxxp://paleodietlifestyle.com/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Plans  JOINTHEREBOOT.url -> hxxp://www.jointhereboot.com/plans/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Pleural Mesothelioma - Albert Tkac.url -> hxxp://www.mesothel.com/asbestos-cancer/mesothelioma/patient-profiles/tkac.htm
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Raw Fed Dogs - Natural Prey Model Rawfeeding Diet.url -> hxxp://rawfeddogs.org/rawguide.html
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\rawpaws.org.url -> hxxp://rawpaws.org/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Root Beer Pot Roast, Seriously « Main Dish «.url -> hxxp://www.restlesschipotle.com/2009/03/root-beer-pot-roast-seriously/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Runningfit - RunLegend.url -> hxxp://www.runlegend.com/content/view/4/5/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Russian Sweet and Sour Cabbage Soup  The Food Maven - Arthur Schwartz.url -> hxxp://www.thefoodmaven.com/soup/rus_cab.html
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Samsung Galaxy S4 Cases  S4 Screen Protectors  SPIGEN SGP.url -> hxxp://www.spigen.com/cell-phone/samsung/galaxy-s4-cases.html
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Seating Charts - SeatingCharts.com.url -> hxxp://www.seatingcharts.com/buy_tickets/2028518/tickets.asp?tn_list
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Texas Pork Ribs Recipe - Allrecipes.com.url -> hxxp://allrecipes.com/recipe/texas-pork-ribs/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\The Best Protection Dogs  Military Dogs  Security Dogs  Trikos.url -> hxxp://trikos.com/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\The Nader Page  writings from Ralph Nader.url -> hxxp://nader.org/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\TURKAYANATOLIANS.COM.url -> hxxp://turkayanatolians.com/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Used 2008 Chevrolet TrailBlazer 4DR 4WD For Sale  Pinckney MI ..url -> hxxp://www.pinckneychrysler.com/used/Chevrolet/2008-Chevrolet-TrailBlazer-dcc52f260a0a00e0009b3b0c25fb920b.htm
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Whirlpool Appliance LSQ8520JQ0  PartSelect.url -> hxxp://www.partselect.com/AdvancedModelSearch.aspx?ModelNum=LSQ8520JQ0&mfgModelNum=&fkMfgID=3
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\WWMT NEWSCHANNEL 3  Grand Rapids, Battle Creek and Kalamazoo News.url -> hxxp://www.wwmt.com/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\YouTube to MP3 Converter - Video2mp3.url -> hxxp://www.video2mp3.net/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Trailblazer\0 Carriage Works Billet Grille - Chrome, Brushed & Black Billet Grilles - 875+ Reviews.url -> hxxp://www.autoanything.com/billet-grilles/61A1723A0A0A2182829.aspx
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Trailblazer\CL-6 EMB.url -> hxxp://cdtstore.com/megabass/cl6emb.htm
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Trailblazer\Continental CrossContact LX20 - Free Delivery Available  TireBuyer.com.url -> hxxp://www.tirebuyer.com/tires/continental/crosscontact-lx20/p/tv119001174
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Trailblazer\Kenwood KSC SW11 Compact Powered Subwoofer Aluminum Enclosed  eBay.url -> hxxp://www.ebay.com/itm/KENWOOD-KSC-SW11-COMPACT-POWERED-SUBWOOFER-ALUMINUM-ENCLOSED-/281089171418?rt=nc&_trksid=p2047675.m1851&_trkparms=aid%3D222002%26algo%3DSIC.FIT%26ao%3D1%26asc%3D163%26meid%3D6869966509377357402%26pid%3D100005%26prg%3D1088%26rk%3D2%26sd%3D161005115387%26
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Trailblazer\My 2008 Ford Expedition Limited ownership experience, maintenance, defects, add-ons, service tips and more.url -> hxxp://baumbach.com/baumbach.com/Expedition/
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Trailblazer\New Speaker-Amp-Powered Sub Install - Chevy TrailBlazer, TrailBlazer SS and GMC Envoy Forum.url -> hxxp://forums.trailvoy.com/showthread.php?t=94854
InternetURL: C:\Users\TeamTkac\Favorites\Ronda\Trailblazer\Sound Ordnance™ B-8PT 120-watt compact powered subwoofer at Crutchfield.com.url -> hxxp://www.crutchfield.com/p_777B8PT/Sound-Ordnance-B-8PT.html?tp=114
InternetURL: C:\Users\TeamTkac\Favorites\Links for United States\GobiernoUSA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129792
InternetURL: C:\Users\TeamTkac\Favorites\Links for United States\USA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129791
InternetURL: C:\Users\TeamTkac\Favorites\Links\amazon.com Online Shopping for Electronics, Apparel, Computers, Books, DVDs & more.url -> hxxp://www.amazon.com/
InternetURL: C:\Users\TeamTkac\Favorites\Links\Cart.url -> hxxp://payments.ebay.com/ws/eBayISAPI.dll?ShopCart&ssPageName=CART:HDR
InternetURL: C:\Users\TeamTkac\Favorites\Links\Electronics, Cars, Fashion, Collectibles, Coupons and More  eBay.url -> hxxp://www.ebay.com/
InternetURL: C:\Users\TeamTkac\Favorites\Links\Epic 4G Android Development - xda-developers.url -> hxxp://forum.xda-developers.com/forumdisplay.php?f=716
InternetURL: C:\Users\TeamTkac\Favorites\Links\Google.url -> hxxp://www.google.com/
InternetURL: C:\Users\TeamTkac\Favorites\Links\if-you-believe.url -> hxxp://www.bongino.com/if-you-believe/
InternetURL: C:\Users\TeamTkac\Favorites\Links\Infinity Reference Ref 6502IX 6 3 4 2 Way Car Speakers New 6502IX w Warranty 050667368432  eBay.url -> hxxp://www.ebay.com/itm/Infinity-Reference-REF-6502IX-6-3-4-2-Way-Car-Speakers-NEW-6502IX-W-WARRANTY-/290876083807?pt=Car_Speakers&hash=item43b990ce5f
InternetURL: C:\Users\TeamTkac\Favorites\Links\Location Search - Domino's Pizza, Order Pizza Online for Delivery - Dominos.url -> https://order.domino...en/pages/order/
InternetURL: C:\Users\TeamTkac\Favorites\Links\Sign in to Comcast.url -> https://login.comcas...a&r=comcast.net
InternetURL: C:\Users\TeamTkac\Favorites\Links\Subscribed Threads and Forums - XDA Forums.url -> hxxp://forum.xda-developers.com/subscribed
InternetURL: C:\Users\TeamTkac\Favorites\Links\Suggested Sites.url -> https://ieonline.mic...ft.com/#ieslice
InternetURL: C:\Users\TeamTkac\Favorites\Links\Top Stories.url -> hxxp://us.mg204.mail.yahoo.com/dc/launch?.partner=sbc&.gx=1&.rand=495ir2h9o9e1b#
InternetURL: C:\Users\TeamTkac\Favorites\Links\Watches - Private sellers and Sponsors.url -> hxxp://forums.watchuseek.com/f29/?sort=views&order=asc
InternetURL: C:\Users\TeamTkac\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\TeamTkac\Favorites\Links\YouTube - Broadcast Yourself.url -> hxxp://www.youtube.com/
InternetURL: C:\Users\TeamTkac\Favorites\Golf\Aprilaire 2210 26 3-4W x 6 3-4D x 22 1-16H Inch Non-Electric, Whole-House Air Cleaner.url -> hxxp://www.alpinehomeair.com/viewproduct.cfm?productID=453059851
InternetURL: C:\Users\TeamTkac\Favorites\Golf\Pure Performance Golf Lab- Custom Golf Shop.url -> hxxp://www.pureperformancegolflabs.com/
InternetURL: C:\Users\TeamTkac\Favorites\Fitness\http--corporatewellness.borgess.com-westmichigancancer-default.aspx.url -> hxxp://corporatewellness.borgess.com/westmichigancancer/default.aspx
InternetURL: C:\Users\TeamTkac\Favorites\Desktop\WallpapersWide.com  Free High Resolution Desktop Wallpapers for Widescreen, HD, Mobile  Page 1.url -> hxxp://wallpaperswide.com/
InternetURL: C:\Users\TeamTkac\Favorites\Computer\Guide to DARK TREMOR app2sd script- - xda-developers.url -> hxxp://forum.xda-developers.com/showthread.php?t=1530270
InternetURL: C:\Users\TeamTkac\Favorites\Computer\How to setup a2sd or apps2sd.url -> hxxp://therootofallevo.com/2011/04/10-step-guide-properly-set-darktremors-a2sd/
InternetURL: C:\Users\TeamTkac\Favorites\Computer\HTC Supersonic EVO 4G - xda-developers.url -> hxxp://forum.xda-developers.com/forumdisplay.php?f=619
InternetURL: C:\Users\TeamTkac\Favorites\Computer\http--review.cyanogenmod.org-.url -> hxxp://review.cyanogenmod.org/
InternetURL: C:\Users\TeamTkac\Favorites\Computer\Index of -nuclearmistake-VanirAOSPNightlies.url -> hxxp://www.emccann.net/nuclearmistake/VanirAOSPNightlies/
InternetURL: C:\Users\TeamTkac\Favorites\Computer\Vehicle Power Cable  Garmin -.url -> https://buy.garmin.c...p.do?pID=112879
InternetURL: C:\Users\TeamTkac\Favorites\Computer\[Revised] Rooting Gingerbread 2.3.5 Dummies Guide - Android Forums.url -> hxxp://androidforums.com/evo-4g-all-things-root/488901-revised-rooting-gingerbread-2-3-5-dummies-guide.html
InternetURL: C:\Users\TeamTkac\Favorites\Computer\[UPDATED NOV11] AROMA Android 4.2 WALLET! Launcher + Wallpapers + Sounds Mega Thread - xda-developers.url -> hxxp://forum.xda-developers.com/showthread.php?t=1965895
InternetURL: C:\Users\TeamTkac\Favorites\Campers\amazon.com Exide 34MDCORB Orbital Sealed Deep-Cycle VRLA AGM Marine-RV Battery Automotive.url -> hxxp://www.amazon.com/Exide-34MDCORB-Orbital-Deep-Cycle-Battery/dp/B009AMLJ86/ref=sr_1_7?s=automotive&ie=UTF8&qid=1369011816&sr=1-7&keywords=exide+agm+battery
InternetURL: C:\Users\TeamTkac\Favorites\Campers\Brake Controller for 2008 Chevrolet TrailBlazer - Tekonsha 90195.url -> hxxp://www.etrailer.com/Brake-Controller/Chevrolet/TrailBlazer/2008/90195.html?vehicleid=2008106318
InternetURL: C:\Users\TeamTkac\Favorites\Campers\EZ Hitch Adjustable, Steel Ball Mount Kit w- 2 Hitch Balls - 4 Drop or Rise - 10,000 lbs Andersen Ball Mounts AM3290.url -> hxxp://www.etrailer.com/Ball-Mounts/Andersen/AM3290.html
InternetURL: C:\Users\TeamTkac\Favorites\Campers\http--www.gillettesinterstaterv.com-cf-shopmast-productresultsp.cfmmanufacturerid=46.url -> hxxp://www.gillettesinterstaterv.com/cf/shopmast/productresultsp.cfm?manufacturerid=46
InternetURL: C:\Users\TeamTkac\Favorites\Campers\http--www.keystonervcenter.com-2013-jayco-jay-flight-swift-slx-185rb-new-travel-trailer-pa-i803465.url -> hxxp://www.keystonervcenter.com/2013-jayco-jay-flight-swift-slx-185rb-new-travel-trailer-pa-i803465
InternetURL: C:\Users\TeamTkac\Favorites\Campers\http--www.vicarstrailersales.com-2013-gulf-stream-ameri-lite-19rbc-new-travel-trailer-mi-i405613.url -> hxxp://www.vicarstrailersales.com/2013-gulf-stream-ameri-lite-19rbc-new-travel-trailer-mi-i405613
InternetURL: C:\Users\TeamTkac\Favorites\Campers\Isotonic® TheraGel® 2” Mattress Topper with Active Air Technology™.url -> hxxp://www.costco.com/Isotonic%c2%ae-TheraGel%c2%ae-2%e2%80%9d-Mattress-Topper-with-Active-Air-Technology%e2%84%a2.product.100047959.html
InternetURL: C:\Users\TeamTkac\Favorites\Campers\MARSHALL EXCELSIOR MER611-24 - Marshall Excelsior Lp Hose 24 Low Pressure MER611-24 - RV Plus.url -> hxxp://www.rvplus.com/marshall-excelsior-lp-hose-24in-low-pressure-mer611-24.html
InternetURL: C:\Users\TeamTkac\Favorites\Campers\Mattress Pads- Adjustable Bed, Split Top Bed, Round, RV, Boat, Custom any size.url -> hxxp://www.bedderbedding.net/index.cfm/fuseaction/category.display/category_ID/10
InternetURL: C:\Users\TeamTkac\Favorites\Calorie Counter\Calorie Calculator - Daily Caloric Needs.url -> hxxp://www.freedieting.com/tools/calorie_calculator.htm
InternetURL: C:\Users\TeamTkac\Favorites\Calorie Counter\Emily's Chipotle Chili Recipe - Allrecipes.com.url -> hxxp://allrecipes.com/recipe/emilys-chipotle-chili/
InternetURL: C:\Users\TeamTkac\Favorites\Ashlyn\http--www.michiganlegion.org-pdfs-2012programs-2012StuTrooper.pdf.url -> hxxp://www.michiganlegion.org/pdfs/2012programs/2012StuTrooper.pdf
InternetURL: C:\Users\TeamTkac\Favorites\Ashlyn\Valspar Paint.url -> hxxp://www.valsparpaint.com/en/index.html
InternetURL: C:\Users\TeamTkac\Favorites\Acer\eBay.url -> hxxp://rover.ebay.com/rover/1/711-66992-24801-1/4
InternetURL: C:\Users\TeamTkac\Desktop\HP Printer\HP Printer Diagnostic Tools.url -> hxxp://h20180.www2.hp.com/apps/Nav?h_pagetype=s-926&h_lang=en&h_client=s-h-e016-1&h_keyword=dg-THD&jumpid=ex_r4155/hho/ipg/ccdoc/trailhead_doc
InternetURL: C:\Users\TeamTkac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> hxxp://www.dropbox.com

==================== End of log =============================

 

ADW CLEANER LOG

 

# AdwCleaner v4.101 - Report created 13/11/2014 at 19:07:21
# Updated 09/11/2014 by Xplode
# Database : 2014-11-13.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : TeamTkac - TEAMTKAC-PC
# Running from : C:\Users\TeamTkac\Desktop\VirusMalware Removal\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ssafeweb
Folder Deleted : C:\ProgramData\bef0c90608e9258d
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\TeamTkac\AppData\Local\Tuguu_SL
Folder Deleted : C:\Users\TeamTkac\AppData\Roaming\ValueApps

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKCU\Software\a57d68ab03dba10
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\firstsearch
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\adbabylon.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\chatango.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\st.chatango.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sweetcouch.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\thesweethome.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.sweetcouch.com

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420

-\\ Mozilla Firefox v33.1 (x86 en-US)

-\\ Google Chrome v

[C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3308837&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=5&UP=SPBC01FF57-0B25-4A5A-9540-C31225AEC06E&q={searchTerms}&SSPV=
[C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3308837&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=5&UP=SPBC01FF57-0B25-4A5A-9540-C31225AEC06E&q={searchTerms}&SSPV=
[C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

-\\ Comodo Dragon v

[C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3308837&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=5&UP=SPBC01FF57-0B25-4A5A-9540-C31225AEC06E&q={searchTerms}&SSPV=
[C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3308837&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=5&UP=SPBC01FF57-0B25-4A5A-9540-C31225AEC06E&q={searchTerms}&SSPV=
[C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\TeamTkac\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [8040 octets] - [11/11/2014 19:39:11]
AdwCleaner[R1].txt - [8396 octets] - [13/11/2014 19:05:57]
AdwCleaner[S0].txt - [8735 octets] - [13/11/2014 19:07:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8795 octets] ##########

 

FSS LOG

Farbar Service Scanner Version: 21-07-2014
Ran by TeamTkac (administrator) on 13-11-2014 at 19:12:33
Running from "C:\Users\TeamTkac\Desktop\VirusMalware Removal"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

 



#10
ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts

Hi, thanks for the logs. Things are looking pretty good now.
Let's perform the following fixlist and then a scan for residual files.
 
Step 1
 
FRST Fix

If FRST64.exe is not on your desktop, please download Farbar Recovery Scan Tool and save it to your desktop.

  • Download the attached fixlist.txt and save it to your desktop <<< very important - it must be in the same location as FRST64.exe
  • Right click the FRST icon and run as administrator. When the tool opens click Yes to the disclaimer.
  • Press the Fix button.
  • It will produce a log called fixlog.txt on your Desktop.
  • Please copy and paste the contents of that log back here.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Step 2
 
ESET Online Scanner

Please run a free online scan with the ESET Online Scanner
<< Please disable any existing antivirus product before performing the following. >>

  • Click Run Eset Online Scanner

Note: You will need to use Internet Explorer or Firefox (you will be prompted to install a helper program if you use Firefox) for this scan.
Important: Please disable your existing AV software for the duration of the scan. If you need instructions on how to disable it, please check out this site: http://www.bleepingc...lware-programs/

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Enable detection of potentially unwanted applications is checked
  • Next click on Advanced Settings and select:


  • Make sure that the option Remove found threats is NOT checked
  • Scan archives
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology


  • Click Start, the virus database will update, this may take a while depending on your internet connection.
  • Once updated, the online scan will begin. (This scan can take several hours, so please be patient)
  • Once the scan is completed, click Finish
  • Use Notepad to open the logfile located at C:\Program Files (x86)\Eset\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic

Items I need to see in your next post:

  • Fixlog
  • ESET Log
  • How are things running now?



#11
jt4211

    Member

  • Topic Starter
  • Member
  • 39 posts

Ruggie - the FRST fix pgm finished really fast - still seems to be running OK - noticed the online scan produced a lot of "threats" (600+), however no mention in the log file.

 

FRST LOG

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-11-2014 02
Ran by TeamTkac at 2014-11-14 09:15:05 Run:3
Running from C:\Users\TeamTkac\Desktop\VirusMalware Removal
Loaded Profile: TeamTkac (Available profiles: TeamTkac)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
HKU\S-1-5-21-563202287-1717114301-743867805-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
end
*****************

"HKU\S-1-5-21-563202287-1717114301-743867805-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.

==== End of Fixlog ====

 

 

ESET LOG

 

SETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK



#12
ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts

Hi.

 

Let's try a different scanner. It happens sometimes with ESET.

 

Bitdefender Online Scan

  • Please go to http://quickscan.bitdefender.com/
  • Click the green Start Scanner button
  • Click the green Scan Now button and wait a few seconds until a request appears from Bitdefender
  • Accept the plugin installation
  • Restart your browser in Administration mode if requested
  • Click the green Scan Now button again
  • Accept the EULA agreement if asked
  • The scan should start. It will be relatively quick.
  • Click View report (note: this is not the green button - Free download - just click on the words View report under the black button "Get QuickScan for your website")
  • Notepad will open with a log
  • Save to your desktop
  • Attach the log as an attachment (it may be quite large)


#13
jt4211

    Member

  • Topic Starter
  • Member
  • 39 posts

Ruggie - Bitdefender log below:

 

QuickScan 32-bit v0.9.9.118
---------------------------
Scan date:  Fri Nov 14 19:20:09 2014
Machine ID: AA8C41FA

 

No infection found.
-------------------

 

Processes
---------
             Ath_Coex Application                    2404    C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
             hpwuSchd Application                    4772    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
            Acer Backup Manager                      4724    C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
            Acer clear.fi                            3652    C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
            Adobe Acrobat Update Service             1664    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
            avast! Antivirus                         1348    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
            avast! Antivirus                         4824    C:\Program Files\AVAST Software\Avast\avastui.exe
            Backup Manager                           1212    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
            Communicator.exe                         6272    C:\ProgramData\HP Photo Creations\Communicator.exe
            CyberLink DMREngine                      3104    C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
            Dritek WMI Service                       1916    C:\Program Files (x86)\Launch Manager\dsiwmis.exe
            Garmin Core Update Service               5112    C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
            Glary Utilities                          5272    C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
            Global Registration Service              1056    C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
            Google Toolbar for Internet Explorer     5208    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
            Google Toolbar for Internet Explorer     5816    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
            Google Update                            3900    C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
            Google Update                            2960    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
            GPCore COM object                        5484    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
            HP Digital Imaging                       5216    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
            HP Digital Imaging                       5140    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
            HP Digital Imaging                       4512    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
            IAStorDataSvc                            6972    C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
            Intel® Active Management Technology L  7100    C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
            Intel® Management and Security Applic  6288    C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
            Internet Explorer                        3576    C:\Program Files (x86)\Internet Explorer\iexplore.exe
            Internet Explorer                        3976    C:\Program Files (x86)\Internet Explorer\iexplore.exe
            Internet Explorer                        6768    C:\Program Files (x86)\Internet Explorer\iexplore.exe
            Java™ Platform SE Auto Updater        4816    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
            Launch Manager                           3572    C:\Program Files (x86)\Launch Manager\LManager.exe
            Launch Manager utility process           1964    C:\Program Files (x86)\Launch Manager\LMutilps32.exe
            Launch Manager Worker                     264    C:\Program Files (x86)\Launch Manager\LMworker.exe
            PlayMemories Home                        2108    C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
            Updater                                  1360    C:\Program Files\Acer\Acer Updater\UpdaterService.exe
            Yahoo! Mail                              2372    C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe
            YSLoader.exe                             1748    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(verified)  GoogleToolbarNotifier                    3468    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(verified)  Microsoft® Windows® Operating System     1180    C:\Windows\SysWOW64\svchost.exe
(verified)  Yahoo! AutoUpdater                       2312    C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

Network activity
----------------

Process AvastSvc.exe (1348) listens on ports: 27275
Process DMREngine.exe (3104) listens on ports: 50002

Autoruns and critical files
---------------------------
             hpwuSchd Application                    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
            Acer Backup Manager                      C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
            Adobe Reader and Acrobat Manager         C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
            Adobe® Flash® Player Update Service      C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
            avast! Antivirus                         C:\Program Files\AVAST Software\Avast\avastui.exe
            Dolby Profile Selector                   C:\Dolby PCEE4\pcee4.exe
            Express Tray                             C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
            Glary Utilities                          C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
            Glary Utilities                          C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe
            Google Update                            C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
            Google Update                            C:\Users\TeamTkac\AppData\Local\Google\Update\GoogleUpdate.exe
            HD Audio Background Process              C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
            HP Digital Imaging                       C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
            Java™ Platform SE Auto Updater        C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
            Launch Manager                           C:\Program Files (x86)\Launch Manager\LManager.exe
            Microsoft® Windows® Operating System     C:\Windows\system32\ssText3d.scr
            Microsoft® Windows® Operating System     c:\windows\system32\userinit.exe
            Power Management                         C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
            Realtek HD Audio Manager                 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
            Synaptics Pointing Device Driver         C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
            Yahoo! Mail                              C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe
(verified)  GoogleToolbarNotifier                    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

Browser plugins
---------------
            Adobe Acrobat                            C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
            Adobe Acrobat                            C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
            Bitdefender QuickScan                    C:\Windows\Downloaded Program Files\qsax.dll
            Bluetooth Software                       c:\program files (x86)\bluetooth suite\ieplugin.dll
            Bonjour                                  C:\Program Files (x86)\Bonjour\mdnsNSP.dll
            Bonjour                                  C:\Program Files\Bonjour\mdnsNSP.dll
            Google Earth Plugin                      C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
            Google Toolbar for Internet Explorer     C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
            Google Update                            C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
            Google Update                            C:\Users\TeamTkac\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll
            HP Smart Web Printing                    c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll
            HP Smart Web Printing                    c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
            IE Webrep plugin                         c:\program files\avast software\avast\aswwebrepie.dll
            Internet Explorer                        c:\windows\syswow64\ieframe.dll
            Java Deployment Toolkit 7.0.710.14       C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
            Java™ Platform SE 7 U71               c:\program files (x86)\java\jre7\bin\jp2ssv.dll
            Java™ Platform SE 7 U71               C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
            Java™ Platform SE 7 U71               c:\program files (x86)\java\jre7\bin\ssv.dll
            Microsoft Office 2010                    c:\program files (x86)\microsoft office\office15\urlredir.dll
            Microsoft Office 2013                    c:\program files (x86)\microsoft office\office15\grooveex.dll
            Microsoft Office 2013                    C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL
            Microsoft Office 2013                    c:\program files (x86)\microsoft office\office15\ochelper.dll
            Microsoft Office 2013                    C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
            Microsoft® CoReXT                        c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
            Microsoft® CoReXT                        C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
            Microsoft® CoReXT                        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
            Microsoft® Windows® Operating System     C:\Windows\system32\MSWSOCK.dll
            Microsoft® Windows® Operating System     C:\Windows\system32\NLAapi.dll
            Microsoft® Windows® Operating System     C:\Windows\system32\wshbth.dll
            npitunes.dll                             C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
            nppdf32.DEU                              C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.DEU
            nppdf32.FRA                              C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.FRA
            nppdf32.JPN                              C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.JPN
            Picasa                                   C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
            QuickTime Plug-in 7.7.4                  C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
            QuickTime Plug-in 7.7.4                  C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
            QuickTime Plug-in 7.7.4                  C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
            QuickTime Plug-in 7.7.4                  C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
            QuickTime Plug-in 7.7.4                  C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
            Silverlight Plug-In                      c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
            Windows Live Photo Gallery              C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
(verified)  Microsoft® Windows® Operating System     C:\Windows\system32\napinsp.dll
(verified)  Microsoft® Windows® Operating System     C:\Windows\system32\pnrpnsp.dll
(verified)  Microsoft® Windows® Operating System     C:\Windows\System32\winrnr.dll

Scan
----
MD5: cfcd9edb4b54653b767ebdf722ba8309  C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
MD5: 4810bdb223adbef09c6a96153f7b9987  C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
MD5: 05635e9f41c3ed112e48b06a039c0b3d  C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
MD5: ca9bf20c89804ddf90b77186e9c4053d  C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
MD5: 6ab46ceebd62287b3cac9cabf35c0b31  C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
MD5: c1b384335b462d49d44a36eef3d84458  C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
MD5: 9bb5788e5403adb0fbec56c12fdf01f6  C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
MD5: e1364901e2db1d50069b3c7d3167d788  C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
MD5: c204a714c587e5935d93818357c5f2f1  C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
MD5: ab19dc0b708cfda06567b1428d5ebe16  C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
MD5: 4d338a4961c16ce062725508a43392ad  C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
MD5: 1f89ee12d56d833d0bf4b8070d213a27  C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
MD5: f8664c3b4a7365773312eae6593e7525  C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
MD5: 6f482e6ba305ab471d0baf728bc75310  C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
MD5: 541f08d2a39affbd938c76137407d286  C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
MD5: 9ceba869447b1e338631db05493c21ce  C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
MD5: c74df35f56ca85075060ed2a715d776a  C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
MD5: 5ea6870fe09f75d92e26a2614a756659  C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
MD5: b28490ac5caabf0bf796a49946300f67  C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
MD5: 65e14c022a7e3a70c7fd2627ef75b4d6  C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
MD5: c7280f39f0e4ed5ddb97630b59c1a804  C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
MD5: e515b51caa7ce378ca9419ee9b07cd2f  C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
MD5: 232e3a49a5897afda0881f3d2a1ad98a  C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
MD5: 46237f5c64ca4638024e341be2ad1d19  C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
MD5: ccba7f264a5259df5f6915cbefc453c9  C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
MD5: c3566123385c8ff53bffe4d7413f6290  C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
MD5: 6a13b4f3b3f575f1e24b877b9359aaba  C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
MD5: 49aca548b2423f1c67898e6ac719a9a6  C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
MD5: 2e33dfd10f28f86c3fc40ee123cc3904  C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
MD5: 1c60e09ca1c3a045bc4d367f67c915b7  C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
MD5: 60f4aefa103d421ea4a40e31409b4756  C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
MD5: 6951562dc4625eefc6eacd52ad165866  C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
MD5: 007863e45f25aa47a4c30d0930bbfd85  C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
MD5: 589cbc4989f750e1da35625ab481cf43  C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
MD5: 3be0d923aa45a4dbe091c2d84f0b4fe7  C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
MD5: ff41cf91302c9c12bc2abd41989ddeb5  C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
MD5: 863f793d15b4026b1a5fdeca873d4d84  C:\Windows\system32\apphelp.dll
MD5: 088cf5b6380fb9002f2a4246f812225d  C:\Windows\system32\asycfilt.dll
MD5: c85670ab64068f8080998aeba6c5019c  C:\Windows\system32\ATL100.DLL
MD5: aa7325057a1e1cc401798c0b1238e182  C:\Windows\system32\AUDIOSES.DLL
MD5: ad7b9c14083b52bc532fba5948342b98  C:\Windows\system32\cmd.exe
MD5: 8205e55dfb11809e5f2aad1c48840535  C:\Windows\system32\credssp.dll
MD5: 7b851a8018b1ea00a69707a390004884  C:\Windows\system32\cryptnet.dll
MD5: 6b07ee9c7668d2c704563da838026828  C:\Windows\system32\CRYPTSP.dll
MD5: 623e143f2df17c0106a9988f5d7dc878  C:\Windows\system32\cryptsvc.dll
MD5: 6bb12a7ca8779d96334b258548b071f5  C:\Windows\system32\CRYPTUI.dll
MD5: 465bea35f7ed4a4a57686dea7ea10f47  C:\Windows\system32\cscapi.dll
MD5: 14800bd31701a5047ac3145bb1e698ae  C:\Windows\system32\d2d1.dll
MD5: 6de66fe7c526637e74cd066461c7c871  C:\Windows\system32\d3d11.dll
MD5: 6ef5f3f18413c367195f06e503ab86a6  C:\Windows\system32\d3d9.dll
MD5: eaf4712b706936c0b10d3b5319b37e81  C:\Windows\System32\davclnt.dll
MD5: 53223b673a3fa2f9a4d1c31c8d3f6cd8  C:\Windows\system32\dbghelp.dll
MD5: 2342ec9254f4c60ca98441bd65c89e12  C:\Windows\system32\DCIMAN32.dll
MD5: 162d247e995eaebf3ef4289069e1111c  C:\Windows\system32\DEVRTL.dll
MD5: e9e01eb683c132f7fa27cd607b8a2b63  C:\Windows\system32\dhcpcore.dll
MD5: 81f6c1ae23b1c493d9e996c3103915d7  C:\Windows\system32\dhcpcsvc6.DLL
MD5: 5e08ac958be05247ff1539e0d1ce7905  C:\Windows\system32\DINPUT8.dll
MD5: b40420876b9288e0a1c8cca8a84e5dc9  C:\Windows\system32\DNSAPI.dll
MD5: 062373995eae5f0eac9eaa9192136bfb  C:\Windows\system32\dnssd.dll
MD5: 1c0e369575f387460e2a5f28269b2cc4  C:\Windows\system32\DWrite.dll
MD5: d4f264fe23f8953d840904418220c15e  C:\Windows\system32\dxgi.dll
MD5: 1060d60cca69a8136a87dbe3c8f4a467  C:\Windows\system32\EhStorAPI.dll
MD5: 8b88ebbb05a0e56b7dcc708498c02b3e  C:\Windows\system32\explorer.exe
MD5: e2a17bcc08d92f42e08af6ba2f93aba7  C:\Windows\system32\explorerframe.dll
MD5: f0d0e883ebbdc7615dc9edea0ffb2817  C:\Windows\System32\fwpuclnt.dll
MD5: 1cd5c2dfd2a5bf6da720386679f3c449  C:\Windows\system32\hpzipr12.dll
MD5: 36ee0a2a981617610f921bcbb997db06  C:\Windows\system32\IEFRAME.dll
MD5: 8585bc27224f97458c186aa085b754a7  C:\Windows\system32\IEUI.dll
MD5: ac9787996d9fd976f270de51e4df821b  C:\Windows\system32\igd10umd32.dll
MD5: 46945c5a90618104e35e017bcb23a4e6  C:\Windows\system32\igdumd32.dll
MD5: 59a50ff01d18065cc7a4d884769d636f  C:\Windows\system32\igdumdx32.dll
MD5: a6f09e5669d9a19035f6d942caa15882  C:\Windows\system32\IMM32.DLL
MD5: a90dc9abd65db1a8902f361103029952  C:\Windows\system32\IPHLPAPI.DLL
MD5: 8bc9db92c4b2f3be89185beab2afc1f6  C:\Windows\system32\MAPI32.dll
MD5: 243974ec02f7ae49e4179c54624143ab  C:\Windows\System32\MMDevApi.dll
MD5: 7f8678c59f188528d60104e697c2361e  C:\Windows\system32\mscms.dll
MD5: d83947a58613e9091b4c9cc0f1546a8d  C:\Windows\SYSTEM32\MSCOREE.DLL
MD5: 93074c4fa92a8399404d032f6af72c1b  C:\Windows\system32\MSHTML.dll
MD5: cb55b9aab060c803be4ad229aa0fec28  C:\Windows\system32\msi.dll
MD5: eee470f2a771fc0b543bdeef74fceca0  C:\Windows\system32\msiexec.exe
MD5: c5a99a4c0dc9f0f5a95ba0c83d30a549  C:\Windows\System32\mstask.dll
MD5: bc83108b18756547013ed443b8cdb31b  C:\Windows\system32\MSVCP100.dll
MD5: fd5cabbe52272bd76007b68186ebaf00  C:\Windows\system32\MSVCP120.dll
MD5: 0e37fbfa79d349d672456923ec5fbbe3  C:\Windows\system32\MSVCR100.dll
MD5: 0dca5f8af83975061d9d8340dc471b5c  C:\Windows\system32\MSVCR110_CLR0400.dll
MD5: 034ccadc1c073e4216e9466b720f9849  C:\Windows\system32\MSVCR120.dll
MD5: e94c583cde2348950155f2af2876f34d  C:\Windows\system32\MSWSOCK.dll
MD5: 537184e7306e06bb22c5b93d2afa4df8  C:\Windows\System32\msxml3.dll
MD5: e227b810296aa27e6c69307a7b6456e5  C:\Windows\System32\msxml6.dll
MD5: 8fe6ab488ecdc60930ce973a7051b0d4  C:\Windows\system32\ncrypt.dll
MD5: 2fca0d2c59a855c54bafa22aa329df0f  C:\Windows\system32\NETAPI32.dll
MD5: 20b3934db73eaba2b49b7177873cb81f  C:\Windows\system32\netutils.dll
MD5: 0ba65122ffa7e37564ee86422dbf7ae8  C:\Windows\system32\NLAapi.dll
MD5: d7b7159bc8374e87d8c45a30377a3440  C:\Windows\System32\ntlanman.dll
MD5: 03f3b770dfbed6131653ceda8ca780f0  C:\Windows\system32\ntshrui.dll
MD5: 8e01332cc4b68bc6b5b7effe374442aa  C:\Windows\system32\OLEACC.dll
MD5: 703ffd301ab900b047337c5d40fd6f96  C:\Windows\system32\OLEPRO32.DLL
MD5: 414bba67a3ded1d28437eb66aeb8a720  C:\Windows\system32\pla.dll
MD5: e98278865e8daba21cfe5fe4be34210a  C:\Windows\system32\PortableDeviceApi.dll
MD5: 12c45e3cb6d65f73209549e2d02eca7a  C:\Windows\System32\PROPSYS.dll
MD5: dbc02d918fff1cad628acbe0c0eaa8e8  C:\Windows\system32\provsvc.dll
MD5: 63b282fb2550893724647a359ba2323f  C:\Windows\system32\query.dll
MD5: 5997d769cdb108390dcfaebf442bf816  C:\Windows\system32\RpcRtRemote.dll
MD5: 0915c4db6dbc3bb9e11b7ecbbe4b7159  C:\Windows\system32\rtutils.dll
MD5: 68ecca523ed760aafc03c5d587569859  C:\Windows\system32\SAMCLI.DLL
MD5: 236f286e103fd44bd85fdd93097fd5dd  C:\Windows\system32\SearchIndexer.exe
MD5: 9216abfd53f5ec1f35c3554ad1a175de  C:\Windows\system32\secur32.dll
MD5: 4ae380f39a0032eab7dd953030b26d28  C:\Windows\system32\sessenv.dll
MD5: 2c4a87ca8c00e98efdcfa2e8ec9a3503  C:\Windows\System32\shdocvw.dll
MD5: 414da952a35bf5d50192e28263b40577  C:\Windows\System32\shsvcs.dll
MD5: 5ccdcd40e732d54e0f7451ac66ac1c87  C:\Windows\system32\srvcli.dll
MD5: ad6db3f85d329aba90eaf7b2d8a2eea9  C:\Windows\system32\ssText3d.scr
MD5: 919001d2bb17df06ca3f8ac16ad039f6  C:\Windows\system32\SXS.DLL
MD5: 613bf4820361543956909043a265c6ac  C:\Windows\System32\tapisrv.dll
MD5: 8b285bdab7735fdfb18e6f7122923b77  C:\Windows\System32\UIAnimation.dll
MD5: 61ac3efdfacfdd3f0f11dd4fd4044223  c:\windows\system32\userinit.exe
MD5: 13337a3fb17f2242487fd45488ed0485  C:\Windows\system32\VSSAPI.DLL
MD5: cfc7d8289d2b5f3cf8d16e2db7f93d4a  C:\Windows\system32\wbem\fastprox.dll
MD5: 704314fd398c81d5f342caa5df7b7f21  C:\Windows\system32\wbemcomn.dll
MD5: 34eee0dfaadb4f691d6d5308a51315dc  C:\Windows\System32\wcncsvc.dll
MD5: 75e8ebd7040ce238684333f97014762a  C:\Windows\System32\webclnt.dll
MD5: fb19fc5951a88f3c523e35c2c98d23c0  C:\Windows\system32\webio.dll
MD5: a054ea8fbe16d4d34f06d81a4f0088e2  C:\Windows\system32\WindowsCodecs.dll
MD5: 62a6eb5771580cae445804389f3f7432  C:\Windows\system32\windowscodecsext.dll
MD5: ca9f7888b524d8100b977c81f44c3234  C:\Windows\system32\WINHTTP.dll
MD5: d5aefad57c08349a4393d987df7c715d  C:\Windows\system32\WINMM.dll
MD5: 9e4b0e7472b4ceba9e17f440b8cb0ab8  C:\Windows\system32\WINSPOOL.DRV
MD5: fd67683fba9b2c4bb551780bd8846f64  C:\Windows\system32\WINSTA.dll
MD5: e5a4a1326a02f8e7b59e6c3270ce7202  C:\Windows\system32\wkscli.dll
MD5: a8cdf3768604ff95b54669e20053d569  C:\Windows\system32\WSCAPI.dll
MD5: 7df186d86cf8c571a12aab788c777f84  C:\Windows\system32\wscproxystub.dll
MD5: ac122407b29378ff9646f03404ac7c54  C:\Windows\system32\wshbth.dll
MD5: 1b91cd34ea3a90ab6a4ef0550174f4cc  C:\Windows\system32\WsmSvc.dll
MD5: 6a6b2ee4565a178035be2a4ff6f2c968  C:\Windows\system32\WTSAPI32.dll
MD5: edf2a5e96bec469da3f64e9bdd386111  C:\Windows\system32\XmlLite.dll
MD5: d67472125471784de7147946eda25feb  C:\Windows\syswow64\ADVAPI32.dll
MD5: 6a13b4f3b3f575f1e24b877b9359aaba  C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
MD5: 2e33dfd10f28f86c3fc40ee123cc3904  C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
MD5: 1c60e09ca1c3a045bc4d367f67c915b7  C:\Windows\syswow64\api-ms-win-downlevel-ole32-l1-1-0.dll
MD5: 6951562dc4625eefc6eacd52ad165866  C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
MD5: 589cbc4989f750e1da35625ab481cf43  C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll
MD5: 3be0d923aa45a4dbe091c2d84f0b4fe7  C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll
MD5: f436e847fa799ecd75ad8c313673f450  C:\Windows\syswow64\CFGMGR32.dll
MD5: d1de1eafde97be41cf6585027ff3e732  C:\Windows\syswow64\comdlg32.dll
MD5: 454bf1e3b844306e764adc0ea7b6e64c  C:\Windows\syswow64\CRYPT32.dll
MD5: 6b07ee9c7668d2c704563da838026828  C:\Windows\SysWOW64\CRYPTSP.dll
MD5: 2eeff4502f5e13b1bed4a04ccad64c08  C:\Windows\syswow64\DEVOBJ.dll
MD5: 980305ac3af53c1964a11190451abb32  C:\Windows\syswow64\GDI32.dll
MD5: 5e01004cbc35a78fe2ab4016ccad4760  C:\Windows\SysWOW64\ieapfltr.dll
MD5: 36ee0a2a981617610f921bcbb997db06  c:\windows\syswow64\ieframe.dll
MD5: fa310bd4a5de904445ddde54c5a654f2  C:\Windows\syswow64\iertutil.dll
MD5: e7b9d5ff20ffdd4aae2ef1d1b8c27a37  C:\Windows\syswow64\imagehlp.dll
MD5: a6f09e5669d9a19035f6d942caa15882  C:\Windows\syswow64\IMM32.dll
MD5: ae39939f1e25401b9a4952a7a8d372ac  C:\Windows\SysWow64\jscript9.dll
MD5: 76161b9d78a275f8f28dd67436013110  C:\Windows\syswow64\kernel32.dll
MD5: 461b713de7f353c6447b744f1a049930  C:\Windows\syswow64\KERNELBASE.dll
MD5: cc23295da8f7b5c53f93804d2f5d30eb  C:\Windows\syswow64\LPK.dll
MD5: 6bc2735d5be2db20193cc868c1fbc575  C:\Windows\SysWOW64\Macromed\Flash\Flash32_15_0_0_223.ocx
MD5: d51145f6b0ce987850f13a61dad5e531  C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
MD5: 938f39b50bafe13d6f58c7790682c010  C:\Windows\syswow64\MSASN1.dll
MD5: cb55b9aab060c803be4ad229aa0fec28  C:\Windows\SysWOW64\msi.dll
MD5: b580a6b9932669de703001aee66d5bb1  C:\Windows\SysWOW64\msv1_0.DLL
MD5: 9dc80a8aaaaac397bdab3c67165a824e  C:\Windows\syswow64\msvcrt.dll
MD5: a2b0924d50f4435fd389499047ce553a  C:\Windows\SysWOW64\ntdll.dll
MD5: 928cf7268086631f54c3d8e17238c6dd  C:\Windows\syswow64\ole32.dll
MD5: eda54d2e17c0271d2cda946abe344110  C:\Windows\syswow64\OLEAUT32.dll
MD5: d8bed6ba298dbaaf6f3d746739fcd333  C:\Windows\syswow64\RPCRT4.dll
MD5: 5997d769cdb108390dcfaebf442bf816  C:\Windows\SysWOW64\RpcRtRemote.dll
MD5: 8cfaefcd7f1e004950fcae870a501b3e  C:\Windows\SysWOW64\schannel.dll
MD5: 10fb16b50affda6d44588f3c445dc273  C:\Windows\syswow64\SETUPAPI.dll
MD5: 386bf6fd9fc562b1a5558c49e1c3a6fb  C:\Windows\syswow64\SHELL32.dll
MD5: 8cc3c111d653e96f3ea1590891491d71  C:\Windows\syswow64\SHLWAPI.dll
MD5: 13e5b1cd503a4b21e9f0a2d55a00198b  C:\Windows\syswow64\SspiCli.dll
MD5: 919001d2bb17df06ca3f8ac16ad039f6  C:\Windows\SysWOW64\SXS.DLL
MD5: 4772db007ffbd4bbe3f526704bca67fe  C:\Windows\syswow64\urlmon.dll
MD5: 5e0db2d8b2750543cd2ebb9ea8e6cdd3  C:\Windows\syswow64\USER32.dll
MD5: d15618a0ff8dbc2c5bf3726bacc75a0b  C:\Windows\syswow64\USERENV.dll
MD5: a5f833506bf6a1b5d693e1499dee2444  C:\Windows\syswow64\USP10.dll
MD5: 6dd7d61a8ef3dfec4faefeb395e77424  C:\Windows\syswow64\WININET.dll
MD5: e365c7b3ebb96451d3c9df6b6b6900c2  C:\Windows\syswow64\WINTRUST.dll
MD5: a8bb45f9ecad993461e0fef8e2a99152  C:\Windows\syswow64\WLDAP32.dll
MD5: 7ff15a4f092cd4a96055ba69f903e3e9  C:\Windows\syswow64\WS2_32.dll
MD5: b8de851298e99a005bfd34aa906b3fe8  C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\mfc110u.dll
MD5: 3e29914113ec4b968ba5eb1f6d194a0a  C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\MSVCP110.dll
MD5: 4ba25d2cbe1587a841dcfb8c8c4a6ea6  C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\MSVCR110.dll
MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc  C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCP80.dll
MD5: c9564cf4976e7e96b4052737aa2492b4  C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
MD5: 1f5afd468eb5e09e9ed75a087529eab5  C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
MD5: e2c48cd0132d4d1dc7d0df9a6bef686a  C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
MD5: 28a09777d2d952122567a8a82f1a2c7b  C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
MD5: 58a14c45a5cd2528f10a889e7b0c3fc2  C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.DLL
MD5: d34a527493f39af4491b3e909dc697ca  C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
MD5: 4c39358ebdd2ffcd9132a30e1ec31e16  C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCP90.dll
MD5: cdbe9690cf2b8409facad94fac9479c9  C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
MD5: ca6ade4f7761bb15b3325356dc3b82bb  C:\Windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MD5: fbfca1a574d47ee575448b719cbbf2e4  C:\Windows\WinSxS\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
MD5: 75f5e1fe8d55cf8e577e0ec5f2290d3f  C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\COMCTL32.dll
MD5: 352b3dc62a0d259a82a052238425c872  C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MD5: ee19c85ca685a275be346ec41f1870f9  C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_72d576ad8665e853\gdiplus.dll

No file uploaded.

Scan finished - communication took 2 sec
Total traffic - 0.02 MB sent, 1.61 KB recvd
Scanned 607 files and modules - 41 seconds

==============================================================================



#14
ruggie_uk


    Trusted Helper

  • Malware Removal
  • 2,083 posts

Hi.

 

All looks really good and no residual malware is found. If everything is running well for you we can close to cleanup.

 

You happy with how things are?



#15
jt4211


    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts

Ruggie - I'm totally happy with the way this computer is running! Not only is the number of processes running much smaller, but the lag time to open up the IE browser and access websites is significantly shorter. I guess the main question left is how do I keep it this way? As you know, I have Avast loaded and running, as well as Malwarebytes. I'm totally open to suggestions you have going forward with a strategy to keep something like this from happening again.

